Skip to content


How to change the server name ?

By default OpenCVE's webserver listens on, but you can easily change that.

The first step is to set the server_name config of the opencve.cfg file (this setting is used by OpenCVE to correctly construct the URLs in the email templates):

$ cat ~/opencve/opencve.cfg
server_name =

Then you can use the -b option of the webserver command to choose your wanted binding:

$ opencve webserver -b
[2021-03-27 11:21:12 +0100] [57622] [INFO] Starting gunicorn 20.0.4
[2021-03-27 11:21:12 +0100] [57622] [INFO] Listening at: (57622)
[2021-03-27 11:21:12 +0100] [57622] [INFO] Using worker: sync
[2021-03-27 11:21:12 +0100] [57676] [INFO] Booting worker with pid: 57676


In fact the webserver command is just a wrapper on top of the gunicorn command, so you can use all the options provided by this WSGI server.

How to use the disk space for the import-data command ?

OpenCVE has to parse the CPE dictionnary to insert vendors and products in its PostgreSQL database, as well as the CVE and CWE list.

Because the parsing is done in memory, the import-data command requires 5 GB RAM at least. If

In case you don't have 5 GB RAM available and you have disk space, you can use a swap file to do the initial import of CVEs:

$ fallocate -l 5G /swapfile
$ chmod 600 /swapfile
$ mkswap /swapfile
$ swapon /swapfile

When the import is done, you can clean the swapfile with the following commands:

$ swapoff /swapfile
$ rm /swapfile