CVE Binary Tool 0.3.0

My work open source project had its second public release! Python folk can get it via pip install cve-bin-tool or by going to

I don’t really talk about work much here, but one of the things I’ve been doing is a little helper tool called the CVE Binary Tool. It scans your code for a select number of common open source components and warns you if any of them are out of date and have known security issues (also known as CVEs, which stands for Common Vulnerability and Exposure and is basically a numbering system for publicly known security problems). Probably most people who read my blog don’t need this tool, but if you write software that ships binaries or if you like to hack software binaries, it’s a simple but informative thing to have in your toolbox. There are more comprehensive tools in this space, but they’re usually fairly expensive and fairly slow, so a free and relatively fast one has a nice niche.

The biggest new thing I’m excited about in CVE Binary Tool 0.3.0 is that it now includes Windows support, which was provided by my Google Summer of Code Student Ziao Wang. He’s been working with us for the summer and just wrapped up his time on Monday, so I was really happy we were able to get this release out before he finished his term! He’s also done some parallelization work that should make parts of this release faster, as well as other bugfixes and enhancements.

There’s also some other great stuff in there: new checkers, new usage modes, and a number of bug fixes and improvements.

Amusingly, given that I’ve been fairly involved in the Python community for so long, this was actually the first time I’ve pushed the “go” button on a release to PyPI all by myself. I like to think this is just a sign of my incredibly amazing collaborative skill, but I still had a laugh at myself when I had to read all the docs to make sure I was doing it right!