Thanks to visit codestin.com
Credit goes to lib.rs

Lib.rs

Command line utilities | Database interfaces
#nvd #cyber #tyr #cli

app get-cwe

Tools for CVE managing, exploring and collect some data about their weaknesses and classifications

Owned by tneenot.

5 stable releases

Uses new Rust 2024

1.10.0 Dec 13, 2025
1.8.1 Nov 22, 2025
1.1.1 Mar 8, 2025
1.0.1 Nov 20, 2024
0.1.0 Nov 12, 2024

#1571 in Command line utilities

MIT license

170KB
3K SLoC

Tyr - get-cwe

Installation

cargo install get-cwe

Purpose

This command line utility explore the list of CWE according to the cwe id.

Initialisation

You must initialize the CWE database first. This database will be installed into you <home_directory>/.tyr directory. If this directory doesn't exist it will be created automatically.

From a console run the following command first to test your internet connection:

$ get-cwe check

Test: https://cwe.mitre.org/data/csv/699.csv.zip... valid
Test: https://cwe.mitre.org/data/csv/1194.csv.zip... valid
Test: https://cwe.mitre.org/data/csv/1000.csv... valid

This command test the availability of each CSV file that will be used for your internal database.

Afterward, run the following command:

$ get-cwe refresh

Archive downloaded and extracted successfully: 699.csv
CWE data injected into SQLite database successfully.
Operation completed successfully: 699.csv
Archive downloaded and extracted successfully: 1194.csv
CWE data injected into SQLite database successfully.
Operation completed successfully: 1194.csv
Archive downloaded and extracted successfully: 1000.csv
CWE data injected into SQLite database successfully.
Operation completed successfully: 1000.csv

Each archive file is downloaded and injected into your local sqlite database.

You're ready to go !

Additional checking

You can check your local database with the following command:

$ get-cwe check --db

Database successfully found!

If you have no database, you'll get this status:

$ get-cwe check --db

Database does not exist!

Explore

To explore a CWE according to its id.:

$ get-cwe CWE-91

You can search some CWE elements with the search feature:

$ get-cwe search 'description = Path and system'
...
 [ CWE-73 ]
  -> Name: External Control of File Name or Path
    > Description: The product allows user input to control or influence paths or file names that are used in filesystem operations.
 [ CWE-514 ]
  -> Name: Covert Channel
    > Description: A covert channel is a path that can be used to transfer information in a way not intended by the system's designers.

To explore the schema for a CWE:

$ get-cwe cwe-91 --schema                       
 CWE-91
 ├─ CAPEC
   ├─ CAPEC-83 - XPath Injection
   └─ CAPEC-250 - XML Injection
 └─ CVE
    ├─ CVE-2008-5024
    ├─ CVE-2013-4221
    ├─ CVE-2013-4857
    ├─ CVE-2013-7429
....
    ├─ CVE-2024-2645
    ├─ CVE-2024-2648
    └─ CVE-2025-12921

To explore all options run get-cwe help

Authors and acknowledgment

Help will be appreciated. All tools will be developed with rust technology.

License

This project is under MIT license.

Project status

This project is under development and all contributions are welcome.

These tools are provided without any guaranties.

Dependencies

~64MB
~1M SLoC