Vulnerability Feeds
Sysdig Vulnerability Management Data Sources and Feeds
Sysdig Secure continuously checks against a wide range of vulnerability databases. The current database list includes:
- NIST NVD
- VulnDB
- NPM
- Python
- Ruby
- Alpine Linux
- CentOS
- Debian
- Red Hat
- Rocky ERRATA
- Ubuntu
- Amazon Linux
- Alibaba Linux
- Oracle Linux
- Chainguard
- Wolfi
- Amazon BottleRocket
- PHP Advisory
- Go Vulnerability Database
- GitHub Advisories
- GitLab Advisories
- First.org EPSS
Supported Operating Systems
Operating System | Versions | Source | CVSS Score | Severity |
---|---|---|---|---|
Alpine Linux | 3.2+ | Alpine Linux | NVD | NVD |
CentOS | 7, 8-stream, 9-stream | CentOS | NVD | NVD |
Debian | 10 (Buster), 11 (Bullseye), 12 (Bookworm), Trixie (unstable) | Debian | NVD | Debian Urgency |
Red Hat | 7, 8, 9 | RedHat CSAF-VEX | RedHat | RedHat Impact |
Rocky Linux | 8, 9 | Rocky ERRATA | NVD | NVD |
Ubuntu | 18.04 LTS (Bionic), 20.04 LTS (Focal), 22.04 LTS (Jammy), 23.04 (Lunar) | Ubuntu | NVD | Ubuntu Priority |
Amazon Linux | 2, 2022, 2023 | Amazon Linux | NVD | Amazon Severity |
Alibaba Linux | 2 | Alibaba Linux | Alibaba | Alibaba Severity |
Oracle Linux | 7, 8, 9 | Oracle Linux | Oracle | Oracle Severity |
Chainguard | N/A | Chainguard | NVD | NVD |
Wolfi | N/A | Wolfi | NVD | NVD |
Amazon BottleRocket | 1.10, 1.11 | Amazon BottleRocket | NVD | NVD |
Google Distroless | Tracks Debian 12 (Bookworm) | Debian CVE Tracker | NVD | NVD |
Flatcar | All versions | Gentoo GLSA | NVD | Gentoo Impact |
Non-OS-Based Sources and Supported Package Types
Non-OS-Based Sources | Matched Package Types | Source | CVSS Score | Severity |
---|---|---|---|---|
NPM (JavaScript) | NPM (JavaScript) | NPM | NVD | NVD |
Python (Pypi) | Python | Python Advisory > GitHub > GitLab | NVD | NVD |
Ruby | Ruby Gems | GitHub > GitLab > Ruby Advisory | NVD | NVD |
Rust | Cargo (Rust) | GitHub > GitLab | NVD | NVD |
Go | Golang (built with Go 1.13+), Go Runtime | GitHub > GitLab > Go Vulnerability Database | NVD | NVD |
Java | Java JAR WAR EAR | GitHub > GitLab | NVD | NVD |
PHP | Composer (PHP) | PHP Advisory > GitHub > GitLab | NVD | NVD |
C# | NuGet (.Net) | GitHub > GitLab | NVD | NVD |
Column Legend
Column | Description |
---|---|
Source | The specific database or advisory where Sysdig matches vulnerabilities, whether it’s from a vendor, an operating system, or a non-OS package. |
Matched Package Types / Versions | The programming languages or operating system versions that are scanned for vulnerabilities, matched against specific sources. For packages, it indicates supported types, and for OS, the supported versions. |
CVSS Score | The primary vulnerability score, such as NVD, displayed in the UX or reports. Additional scores from vendor-specific sources may also be available. |
Severity | The primary severity level derived from the score, shown in the UX or reports. Vendor-specific severities may also be displayed where applicable. |