The CVE Binary Tool

The CVE Binary Tool#

https://raw.githubusercontent.com/intel/cve-bin-tool/main/doc/images/cve-bin-tool-workflow-800px.png

Description#

The CVE Binary Tool is a free, open source tool to help you find known vulnerabilities in software, using data from the National Vulnerability Database (NVD) list of Common Vulnerabilities and Exposures (CVEs) as well as known vulnerability data from Redhat, Open Source Vulnerability Database (OSV), Gitlab Advisory Database (GAD), and Curl.

Home page for this solution: https://cve-bin-tool.readthedocs.io/en/latest/

Overview#

Key

Value

Name

cve-bin-tool

Description

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

License

GNU General Public License v3.0

Programming Language

Python

Created

2019-01-11

Last update

2025-03-20

Github Stars

1356

Project Home Page

https://cve-bin-tool.readthedocs.io/en/latest/

Code Repository

intel/cve-bin-tool

OpenSSF Scorecard

Report

Note:

  • Created date is date that repro is created on Github.com.

  • Last update is only the last date I run an automatic check.

  • Do not attach a wrong value to github stars. Its a vanity metric! Stars count are misleading and don’t indicate if the SBB is high-quality or very popular.