OSV

Instructions

Implementation Reference

• src/server.py:139-152 (handler)

  MCP tool registration and handler for 'query_for_cve_affected'. Defines input schema via docstring and type hint (cve: str), instantiates OSVServer, and delegates to its query_for_cve_affected method.
  @mcp.tool() def query_for_cve_affected(cve: str): """ Query the OSV database for a CVE and return the affected versions. Args: cve: The CVE ID to query Returns: A list of affected versions """ osv = OSVServer() return osv.query_for_cve_affected(cve)
• src/server.py:84-90 (handler)

  Core handler logic within OSVServer class: queries OSV API for the CVE and parses the affected versions using helper methods.
  def query_for_cve_affected(self, cve: str): """ Query the OSV database for a CVE and return the affected versions. """ data = self._query_cve(cve) versions = self._parse_versions(data) return versions
• src/server.py:23-29 (helper)

  Helper method to query the OSV API endpoint for a specific CVE ID.
  def _query_cve(self, cve: str): """ Query the OSV database for a CVE. """ url = self.cve_url.format(cve_id=cve) response = requests.get(url) return response.json()
• src/server.py:31-48 (helper)

  Helper method to parse affected version strings from the OSV response JSON.
  def _parse_versions(self, data: dict): """ Parse version strings from the OSV response. Extracts versions from the 'versions' array in the affected package data. Args: data: The full OSV response JSON data Returns: List of version strings """ versions = [] if 'affected' in data: for affected in data['affected']: if 'versions' in affected: versions.extend(affected['versions']) versions = list(set(versions)) return versions