
CVE-Prioritizer-as-a-Service is a FastAPI server that returns additional information (CVSS, EPSS, KEV, POCs, Nuclei Template) about a vulnerability and determines its priority.


denimoll/CVE-PaaS


CVE-Prioritizer-as-a-Service

Main info

API service for prioritizing vulnerabilities. It's a combination of:

Thresholds

  • Critical (a POC or Nuclei template exists, or the vulnerability is in KEV)
  • High (CVSS > 6.0, EPSS > 0.2)
  • Medium (CVSS > 6.0, EPSS <= 0.2)
  • Low (CVSS <= 6.0, EPSS > 0.2)
  • Info (everything else)
  • Undefined (the CVSS or EPSS score for the vulnerability could not be obtained)
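
The threshold rules above written as a small Python function; this is an added example, not the project's own code. The `VulnSignals` fields, the `prioritize` name, the sample records, the range checks, and the choice to test Critical before Undefined are assumptions.

```python
import math
from dataclasses import dataclass
from typing import Optional

CVSS_THRESHOLD = 6.0  # value from the Thresholds list
EPSS_THRESHOLD = 0.2  # value from the Thresholds list


@dataclass
class VulnSignals:
    """Hypothetical container; field names are not taken from the project."""
    cve_id: str
    cvss: Optional[float] = None
    epss: Optional[float] = None
    in_kev: bool = False
    has_poc: bool = False
    has_nuclei_template: bool = False


def _usable(score, upper: float) -> bool:
    # A usable score is a finite number inside its defined range.
    if isinstance(score, bool) or not isinstance(score, (int, float)):
        return False
    return math.isfinite(score) and 0.0 <= score <= upper


def prioritize(v: VulnSignals) -> str:
    # Exploitation evidence outranks any score (assumed precedence).
    if v.in_kev or v.has_poc or v.has_nuclei_template:
        return "Critical"
    # Missing or out-of-range scores cannot be bucketed.
    if not (_usable(v.cvss, 10.0) and _usable(v.epss, 1.0)):
        return "Undefined"
    high_cvss = v.cvss > CVSS_THRESHOLD
    high_epss = v.epss > EPSS_THRESHOLD
    if high_cvss:
        return "High" if high_epss else "Medium"
    return "Low" if high_epss else "Info"


# Constructed sample records with placeholder IDs (not real CVEs).
SAMPLES = [
    VulnSignals("CVE-0000-0001", cvss=4.3, epss=0.01, in_kev=True),
    VulnSignals("CVE-0000-0002", cvss=9.8, epss=0.45),
    VulnSignals("CVE-0000-0003", cvss=6.0, epss=0.2),   # both on the boundary
    VulnSignals("CVE-0000-0004", cvss=7.5, epss=None),  # EPSS lookup failed
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s.cve_id, prioritize(s))
```

Because both comparisons are strict, a record sitting exactly on CVSS 6.0 and EPSS 0.2 falls through to Info.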

Start

Install Docker, then run the following commands:

    # git clone https://github.com/denimoll/CVE-PaaS.git
    # cd CVE-PaaS
    # bash start.sh

On the first start you must enter an API key from ProjectDiscovery (you need to be registered).

Usage

All API endpoints are described at localhost:8000/docs:

  • / - homepage
  • /get_info/{cve_id} - Main function: returns info from cvemap and determines the priority
  • /reget_info/{cve_id} - Returns info from cvemap and the priority (use when the result is outdated)
  • /all_results - Returns all results with full info (without priorities)
  • /remove_results - Removes all results (use when the results are outdated)

Roadmap

  • New flow: Change the start instructions to use ghcr.io
  • Endpoints: Rework the endpoint list
  • Annotation: Add annotations to the parameters of all endpoints
  • Settings: Add functionality to change thresholds
  • Optimization: Add a database to store results and speed up re-fetching info
  • Security: Add the ability to customize parameters: allow_origins
