{"id":8036,"library":"cpe","title":"CPE: Common Platform Enumeration for Python","description":"CPE (Common Platform Enumeration) is a standardized method for describing and identifying applications, operating systems, and hardware devices. The `cpe` Python library (version 1.3.1) provides functionality for parsing, representing, validating, and comparing CPE names across versions 1.1, 2.2, and 2.3 of the CPE specification. It is actively maintained with recent releases focusing on bug fixes and minor feature enhancements.","status":"active","version":"1.3.1","language":"en","source_language":"en","source_url":"https://github.com/nilp0inter/cpe","tags":["cpe","security","vulnerability","nist","mitre"],"install":[{"cmd":"pip install cpe","lang":"bash","label":"Install latest version"}],"dependencies":[],"imports":[{"note":"The main class for creating and manipulating CPE objects.","symbol":"CPE","correct":"from cpe import CPE"},{"note":"For explicit handling of CPE Specification Version 2.2. Similar imports exist for other versions like CPE2_3.","symbol":"CPE2_2","correct":"from cpe.cpe2_2 import CPE2_2"}],"quickstart":{"code":"from cpe import CPE\n\n# Create a CPE 2.3 URI-style object (default version if not specified)\ncpe_uri_str = 'cpe:/a:hp:insight_diagnostics:8::~~online~win2003~x64~'\ncpe_obj_uri = CPE(cpe_uri_str)\n\nprint(f\"URI-style CPE: {cpe_obj_uri.as_uri()}\")\nprint(f\"Vendor: {cpe_obj_uri.get_vendor()}\")\nprint(f\"Product: {cpe_obj_uri.get_product()}\")\n\n# Create a CPE 2.2 object\ncpe_2_2_str = 'cpe:/o:redhat:enterprise_linux:4:update4'\ncpe_obj_2_2 = CPE(cpe_2_2_str, CPE.VERSION_2_2)\n\nprint(f\"\\nCPE 2.2 String: {cpe_obj_2_2.as_fs()}\") # Formatted String representation\nprint(f\"Operating System: {cpe_obj_2_2.get_part()}\")\nprint(f\"Version: {cpe_obj_2_2.get_version()}\")\n\n# Example of comparison (requires another CPE object for meaningful comparison)\ncpe1 = CPE('cpe:/o:linux:linux_kernel:2.6.32')\ncpe2 = CPE('cpe:/o:linux:linux_kernel:2.6.32')\nprint(f\"\\nCPE objects are equal: {cpe1 == cpe2}\")","lang":"python","description":"This quickstart demonstrates how to create CPE objects from different specification versions (URI and 2.2 formatted string) and access their components. It also shows a basic comparison between two CPE objects."},"warnings":[{"fix":"Upgrade to `cpe` version 1.3.0 or later: `pip install --upgrade cpe`. Ensure your Python environment is reasonably current (Python 3.8+ is generally recommended for modern libraries).","message":"Versions 1.3.0 and 1.3.1 addressed multiple `DeprecationWarning` issues in Python code. Users on older versions of the `cpe` library or Python might encounter warnings related to deprecated escape sequences or other code patterns. [cite: \"Recent GitHub releases\"]","severity":"deprecated","affected_versions":"< 1.3.0"},{"fix":"Always be explicit about the CPE version you are working with. When constructing CPE objects, use the `version` parameter (e.g., `CPE(cpe_string, CPE.VERSION_2_2)`). Use conversion methods provided by the library if you need to compare or interact across different CPE specification versions.","message":"The library supports CPE specification versions 1.1, 2.2, and 2.3. Mixing CPE objects from different versions in comparisons or expecting cross-version compatibility without explicit handling (e.g., using conversion methods) can lead to unexpected results or errors.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Install the library using pip: `pip install cpe`. If using a virtual environment, ensure it is activated before installation and execution.","cause":"The `cpe` library is not installed in the current Python environment or the environment is not correctly activated.","error":"ModuleNotFoundError: No module named 'cpe'"},{"fix":"Review the CPE string for correct syntax, including proper delimiters, parts, and components. Consult the NIST CPE Specification documents or examples in the `cpe` library documentation for valid formats. Ensure correct escaping where necessary.","cause":"The input string provided to the `CPE` constructor (or parsing function) does not conform to any recognized CPE specification format (URI, WFN, or formatted string). The library expects valid CPE syntax.","error":"ValueError: Invalid CPE string format: '...' (or similar indicating malformed input)"},{"fix":"Verify the specific CPE object type and its available methods. If you need to work with specific representations (e.g., WFN fields), convert the CPE object to that representation first (e.g., `cpe_obj.as_wfn_object().get_edition_packed()`) or consult the documentation for the appropriate accessor based on the CPE specification version and binding type.","cause":"Attempting to access an attribute or method specific to one CPE version or representation on an object of a different version or style (e.g., `get_edition_packed` is for WFN 2.3, not URI 2.3 directly on the top-level object without specific WFN conversion).","error":"AttributeError: 'CPE2_3_URI' object has no attribute 'get_edition_packed'"}]}