mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-22 07:10:41 -08:00
5d57deaa4f
Trivy no longer depends on OSVDB and can use "Ruby Advisory Database" for commercial usage. Fixes #1208
4.3 KiB
4.3 KiB
OS
| OS | Source |
|---|---|
| Arch Linux | Vulnerable Issues |
| Alpine Linux | secdb |
| Amazon Linux 1 | Amazon Linux Security Center |
| Amazon Linux 2 | Amazon Linux Security Center |
| Debian | Security Bug Tracker |
| OVAL | |
| Ubuntu | Ubuntu CVE Tracker |
| RHEL/CentOS | OVAL |
| Security Data | |
| Oracle Linux | OVAL |
| OpenSUSE/SLES | CVRF |
| Photon OS | Photon Security Advisory |
Programming Language
| Language | Source | Commercial Use | Delay1 |
|---|---|---|---|
| PHP | PHP Security Advisories Database | ✅ | - |
| GitHub Advisory Database (Composer) | ✅ | - | |
| Python | Safety DB | ❌ | 1 month |
| GitHub Advisory Database (pip) | ✅ | - | |
| Ruby | Ruby Advisory Database | ✅ | - |
| GitHub Advisory Database (RubyGems) | ✅ | - | |
| Node.js | Ecosystem Security Working Group | ✅ | - |
| GitHub Advisory Database (npm) | ✅ | - | |
| Java | GitLab Advisories Community | ✅ | 1 month |
| GitHub Advisory Database (Maven) | ✅ | - | |
| Go | GitLab Advisories Community | ✅ | 1 month |
| The Go Vulnerability Database | ✅ | - | |
| Rust | RustSec Advisory Database | ✅ | - |
| .NET | GitHub Advisory Database (NuGet) | ✅ | - |
Others
| Name | Source |
|---|---|
| National Vulnerability Database | NVD |
-
Intentional delay between vulnerability disclosure and registration in the DB ↩︎