Vulnerability Feeds

Sysdig Vulnerability Management Data Sources and Feeds

Sysdig Secure continuously checks against a wide range of vulnerability databases. The current database list includes:

Vulnerability Feed Synchronization Interval

Sysdig aims to sync vulnerability feeds at least once per day. In general, feeds are synchronized every 8 hours to maintain up-to-date vulnerability data.

Individual feeds may experience synchronization issues, prompting manual synchronizations. As a result, the precise timing for synchronization of specific feeds may vary slightly.

Supported Operating Systems

Operating SystemVersionsSourceCVSS ScoreSeverityFix DatePublish DateDisclosure Date
Alpine Linux3.2+Alpine LinuxNVDNVDAlpine Linux > NVD > VulnDBAlpine LinuxAlpine Linux
CentOS7
8‑stream
9‑stream
CentOSNVDNVDCentOS > NVD > VulnDBCentOSCentOS
Debian10 (Buster)
11 (Bullseye)
12 (Bookworm)
13 (Trixie)
14 (Forky)
DebianNVDDebian UrgencyDebian > NVD > VulnDBDebianDebian
Red Hat7
8
9
Red HatRed HatRed Hat ImpactRed Hat > NVD > VulnDBRed HatRed Hat
Red Hat EUS7.x‑EUS
8.x‑EUS
9.x‑EUS
Red HatRed HatRed Hat ImpactRed Hat > NVD > VulnDBRed HatRed Hat
Rocky Linux8
9
Rocky LinuxNVDNVDRocky Linux > NVD > VulnDBRocky LinuxRocky Linux
Ubuntu18.04 LTS (Bionic)
20.04 LTS (Focal)
22.04 LTS (Jammy)
23.04 (Lunar)
23.10 (Mantic)
24.04 (Noble)
24.10 (Oracular)
UbuntuNVDUbuntu PriorityUbuntu > NVD > VulnDBUbuntuUbuntu
Amazon Linux2
2022
2023
Amazon LinuxNVDAmazon SeverityAmazon Linux > NVD > VulnDBAmazon LinuxAmazon Linux
Alibaba Linux2Alibaba LinuxAlibabaAlibaba SeverityAlibaba Linux > NVD > VulnDBAlibaba LinuxAlibaba Linux
Oracle Linux7
8
9
Oracle LinuxOracleOracle SeverityOracle Linux > NVD > VulnDBOracle LinuxOracle Linux
ChainguardN/AChainguardNVDNVDChainguard > NVD > VulnDBChainguardChainguard
WolfiN/AWolfiNVDNVDWolfi > NVD > VulnDBWolfiWolfi
Amazon BottleRocket1.10
1.11
Amazon BottleRocketNVDNVDAmazon BottleRocket > NVD > VulnDBAmazon BottleRocketAmazon BottleRocket
Google DistrolessTracks Debian 12 (Bookworm)Google DistrolessNVDNVDGoogle Distroless > NVD > VulnDBGoogle DistrolessGoogle Distroless
FlatcarAll versionsGentoo GLSANVDGentoo ImpactGentoo GLSA > NVD > VulnDBGentoo GLSAGentoo GLSA
Alma Linux8
9
Alma LinuxNVDAlma SeverityAlma Linux > NVD > VulnDBAlma LinuxAlma Linux
OpenSuse15.5
15.6
tumbleweed
SuseNVDSuse SeveritySuse > NVD > VulnDBSuseSuse
Azure Linux3.0Azure LinuxNVDNVDAzure Linux > NVD > VulnDBAzure LinuxAzure Linux
CBL Mariner1.0
2.0
CBL MarinerNVDNVDCBL Mariner > NVD > VulnDBCBL MarinerCBL Mariner
Suse Linux Micro6.0
6.1
SuseNVDSuse SeveritySuse > NVD > VulnDBSuseSuse
Suse Enterprise LinuxSUSE Linux Enterprise Server 12 SP4 and SP5
SUSE Linux Enterprise Server 15 SP3, SP4, SP5 and SP6
SuseNVDSuse SeveritySuse > NVD > VulnDBSuseSuse
PhotonOS1.0
2.0
3.0
4.0
5.0
PhotonOSNVDPhotonOSPhotonOS > NVD > VulnDBPhotonOSPhotonOS

Non-OS-Based Sources and Supported Package Types

Non‑OS‑Based SourcesMatched Package TypesSourceCVSS ScoreSeverityFix DatePublish DateDisclosure Date
NPM (JavaScript)NPM (JavaScript)NPMNVDNVDVulnDBNPMNPM
Python (Pypi)PythonPython Advisory > GitHub > GitLabNVDNVDVulnDBPython AdvisoryPython Advisory
RubyRuby GemsGitHub > GitLab > Ruby AdvisoryNVDNVDVulnDBGitHubGitHub
RustCargo (Rust)GitHubNVDNVDVulnDBGitHubGitHub
GoGolang (built with Go 1.13+)
Go Runtime
GitHub > GitLab > Go Vulnerability DatabaseNVDNVDVulnDBGitHubGitHub
JavaJava JAR
WAR
EAR
GitHub > GitLabNVDNVDVulnDBGitHubGitHub
PHPComposer (PHP)PHP Advisory > GitHub > GitLabNVDNVDVulnDBPHP AdvisoryPHP Advisory
C#NuGet (.Net)GitHubNVDNVDVulnDBGitHubGitHub

Column Legend

ColumnDescription
SourceThe specific database or advisory where Sysdig matches vulnerabilities, whether it’s from a vendor, an operating system, or a non‑OS package.
Matched Package Types / VersionsThe programming languages or operating system versions that are scanned for vulnerabilities, matched against specific sources. For packages, it indicates supported types, and for OS, the supported versions.
CVSS ScoreThe primary vulnerability score, such as NVD, displayed in the UX or reports. Additional scores from vendor-specific sources may also be available.
SeverityThe primary severity level derived from the score, shown in the UX or reports. Vendor-specific severities may also be displayed where applicable.
Fix DateFor OS-based sources, this field indicates the scheduled remediation date determined by a hierarchy: Vendor Fix Date > NVD Fix Date > VulnDB Fix Date. For non‑OS‑based sources—where a dedicated fix date isn’t provided—this field is marked as N/A.
Publish DateThe date the vulnerability was published, sourced directly from the vendor’s security feed.
Disclosure DateThe date the vulnerability was publicly disclosed, also sourced directly from the vendor’s security feed.