Skip to content

FAQ

What changes between OpenCVE v1 and v2?

You can read this blog post for more information.

How to change the server name ?

By default OpenCVE's webserver listens on 127.0.0.1:8000, but you can easily change that.

The first step is to set the server_name config of the opencve.cfg file (this setting is used by OpenCVE to correctly construct the URLs in the email templates):

$ cat ~/opencve/opencve.cfg
[core]
server_name = 0.0.0.0:8080
...

Then you can use the -b option of the webserver command to choose your wanted binding:

$ opencve webserver -b 0.0.0.0:8080
[2021-03-27 11:21:12 +0100] [57622] [INFO] Starting gunicorn 20.0.4
[2021-03-27 11:21:12 +0100] [57622] [INFO] Listening at: http://0.0.0.0:8080 (57622)
[2021-03-27 11:21:12 +0100] [57622] [INFO] Using worker: sync
[2021-03-27 11:21:12 +0100] [57676] [INFO] Booting worker with pid: 57676

Tip

In fact the webserver command is just a wrapper on top of the gunicorn command, so you can use all the options provided by this WSGI server.

How to use the disk space for the import-data command ?

OpenCVE has to parse the CPE dictionnary to insert vendors and products in its PostgreSQL database, as well as the CVE and CWE list.

Because the parsing is done in memory, the import-data command requires 5 GB RAM at least. If

In case you don't have 5 GB RAM available and you have disk space, you can use a swap file to do the initial import of CVEs:

$ fallocate -l 5G /swapfile
$ chmod 600 /swapfile
$ mkswap /swapfile
$ swapon /swapfile

When the import is done, you can clean the swapfile with the following commands:

$ swapoff /swapfile
$ rm /swapfile