It’s been released. Use this with NIST::NVD 1.00.00 and you will be able to perform immediate look-ups of CVE and CWE data given a CPE URN. For instance:
cjac@foxtrot:/usr/src/git/f5/NIST-NVD-Store-SQLite3$ perl Makefile.PL ; make ; make test ; cjac@foxtrot:/usr/src/git/f5/NIST-NVD-Store-SQLite3$ perl -MNIST::NVD::Query -MData::Dumper -e ' $q = NIST::NVD::Query->new(store => q{SQLite3},database => q{t/data/nvdcve-2.0.db}); $cve_list = $q->cve_for_cpe( cpe => q{cpe:/a:microsoft:ie:7.0.5730.11} ); print Data::Dumper::Dumper { cve_list => $cve_list, first_cvss => $q->cve( cve_id => $cve_list->[0] )->{q{vuln:cvss}} } ' $VAR1 = { 'cve_list' => [ 'CVE-2002-2435', 'CVE-2010-5071' ], 'first_cvss' => { 'cvss:base_metrics' => { …[Read more]