mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-22 07:10:41 -08:00
74 lines
4.3 KiB
Markdown
74 lines
4.3 KiB
Markdown
# OS
|
|
|
|
| OS | Source |
|
|
| ---------------| ---------------------------------------- |
|
|
| Arch Linux | [Vulnerable Issues][arch] |
|
|
| Alpine Linux | [secdb][alpine] |
|
|
| Amazon Linux 1 | [Amazon Linux Security Center][amazon1] |
|
|
| Amazon Linux 2 | [Amazon Linux Security Center][amazon2] |
|
|
| Debian | [Security Bug Tracker][debian-tracker] |
|
|
| | [OVAL][debian-oval] |
|
|
| Ubuntu | [Ubuntu CVE Tracker][ubuntu] |
|
|
| RHEL/CentOS | [OVAL][rhel-oval] |
|
|
| | [Security Data][rhel-api] |
|
|
| Oracle Linux | [OVAL][oracle] |
|
|
| OpenSUSE/SLES | [CVRF][suse] |
|
|
| Photon OS | [Photon Security Advisory][photon] |
|
|
|
|
# Programming Language
|
|
|
|
| Language | Source | Commercial Use | Delay[^1]|
|
|
| ---------------------------- | -------------------------------------------------|:---------------:|:--------:|
|
|
| PHP | [PHP Security Advisories Database][php] | ✅ | - |
|
|
| | [GitHub Advisory Database (Composer)][php-ghsa] | ✅ | - |
|
|
| Python | [Safety DB][python] | ❌ | 1 month |
|
|
| | [GitHub Advisory Database (pip)][python-ghsa] | ✅ | - |
|
|
| Ruby | [Ruby Advisory Database][ruby] | ❌ (partially) | - |
|
|
| | [GitHub Advisory Database (RubyGems)][ruby-ghsa] | ✅ | - |
|
|
| Node.js | [Ecosystem Security Working Group][nodejs] | ✅ | - |
|
|
| | [GitHub Advisory Database (npm)][nodejs-ghsa] | ✅ | - |
|
|
| Java | [GitLab Advisories Community][gitlab] | ✅ | 1 month |
|
|
| | [GitHub Advisory Database (Maven)][java-ghsa] | ✅ | - |
|
|
| Go | [GitLab Advisories Community][gitlab] | ✅ | 1 month |
|
|
| | [The Go Vulnerability Database][go] | ✅ | - |
|
|
| Rust | [RustSec Advisory Database][rust] | ✅ | - |
|
|
| .NET | [GitHub Advisory Database (NuGet)][dotnet-ghsa] | ✅ | - |
|
|
|
|
[^1]: Intentional delay between vulnerability disclosure and registration in the DB
|
|
|
|
# Others
|
|
|
|
| Name | Source |
|
|
| --------------------------------|------------|
|
|
| National Vulnerability Database | [NVD][nvd] |
|
|
|
|
[arch]: https://security.archlinux.org/
|
|
[alpine]: https://secdb.alpinelinux.org/
|
|
[amazon1]: https://alas.aws.amazon.com/
|
|
[amazon2]: https://alas.aws.amazon.com/alas2.html
|
|
[debian-tracker]: https://security-tracker.debian.org/tracker/
|
|
[debian-oval]: https://www.debian.org/security/oval/
|
|
[ubuntu]: https://ubuntu.com/security/cve
|
|
[rhel-oval]: https://www.redhat.com/security/data/oval/v2/
|
|
[rhel-api]: https://www.redhat.com/security/data/metrics/
|
|
[oracle]: https://linux.oracle.com/security/oval/
|
|
[suse]: http://ftp.suse.com/pub/projects/security/cvrf/
|
|
[photon]: https://packages.vmware.com/photon/photon_cve_metadata/
|
|
|
|
[php-ghsa]: https://github.com/advisories?query=ecosystem%3Acomposer
|
|
[python-ghsa]: https://github.com/advisories?query=ecosystem%3Apip
|
|
[ruby-ghsa]: https://github.com/advisories?query=ecosystem%3Arubygems
|
|
[nodejs-ghsa]: https://github.com/advisories?query=ecosystem%3Anpm
|
|
[java-ghsa]: https://github.com/advisories?query=ecosystem%3Amaven
|
|
[dotnet-ghsa]: https://github.com/advisories?query=ecosystem%3Anuget
|
|
|
|
[php]: https://github.com/FriendsOfPHP/security-advisories
|
|
[python]: https://github.com/pyupio/safety-db
|
|
[ruby]: https://github.com/rubysec/ruby-advisory-db
|
|
[nodejs]: https://github.com/nodejs/security-wg
|
|
[gitlab]: https://gitlab.com/gitlab-org/advisories-community
|
|
[go]: https://github.com/golang/vulndb
|
|
[rust]: (https://github.com/RustSec/advisory-db)
|
|
|
|
[nvd]: https://nvd.nist.gov/
|