Vulnerability Feeds

This topic covers Vulnerability Management Data Sources and Feeds in Sysdig Secure.

Sysdig Vulnerability Management Data Sources and Feeds

Planned change for 22 June 2026. Sysdig is making improvements to Alpine and Ubuntu vulnerability feeds and adding Python PDM support. After this release, customers may see more Alpine findings (Sysdig will report vulnerabilities without an available fix) and severity changes on Ubuntu CVEs (CVSS v3 will replace Ubuntu priority). See the SaaS Sysdig Secure Release Notes for details.

Sysdig Secure continuously checks against a wide range of vulnerability databases. The current database list includes:

Vulnerability Feed Synchronization Interval

Sysdig aims to sync vulnerability feeds at least once per day. In general, feeds are synchronized every 8 hours to maintain up-to-date vulnerability data.

Individual feeds may experience synchronization issues, prompting manual synchronizations. As a result, the precise timing for synchronization of specific feeds may vary slightly.

Supported Operating Systems

Operating System	Versions	Source	CVSS Score	Severity	Fix Date	Publish Date	Disclosure Date
Alpine Linux	3.2+	Alpine Linux	NVD	NVD	Alpine Linux > NVD > VulnDB	Alpine Linux	Alpine Linux
CentOS	7 8‑stream 9‑stream	CentOS	NVD	NVD	CentOS > NVD > VulnDB	CentOS	CentOS
Debian	10 (Buster) 11 (Bullseye) 12 (Bookworm) 13 (Trixie) 14 (Forky)	Debian	NVD	Debian Urgency	Debian > NVD > VulnDB	Debian	Debian
Red Hat	7 8 9 RHEL CoreOS	Red Hat	Red Hat	Red Hat Impact	Red Hat > NVD > VulnDB	Red Hat	Red Hat
Red Hat EUS	7.x‑EUS 8.x‑EUS 9.x‑EUS	Red Hat	Red Hat	Red Hat Impact	Red Hat > NVD > VulnDB	Red Hat	Red Hat
Rocky Linux	8 9	Rocky Linux	NVD	NVD	Rocky Linux > NVD > VulnDB	Rocky Linux	Rocky Linux
Ubuntu	18.04 LTS (Bionic) 20.04 LTS (Focal) 22.04 LTS (Jammy) 23.04 (Lunar) 23.10 (Mantic) 24.04 (Noble) 24.10 (Oracular)	Ubuntu	NVD	Ubuntu Priority	Ubuntu > NVD > VulnDB	Ubuntu	Ubuntu
Amazon Linux	2 2022 2023	Amazon Linux	NVD	Amazon Severity	Amazon Linux > NVD > VulnDB	Amazon Linux	Amazon Linux
Alibaba Linux	2	Alibaba Linux	Alibaba	Alibaba Severity	Alibaba Linux > NVD > VulnDB	Alibaba Linux	Alibaba Linux
Oracle Linux	7 8 9	Oracle Linux	Oracle	Oracle Severity	Oracle Linux > NVD > VulnDB	Oracle Linux	Oracle Linux
Chainguard	N/A	Chainguard	NVD	NVD	Chainguard > NVD > VulnDB	Chainguard	Chainguard
Wolfi	N/A	Wolfi	NVD	NVD	Wolfi > NVD > VulnDB	Wolfi	Wolfi
Amazon BottleRocket	1.10 1.11	Amazon BottleRocket	NVD	NVD	Amazon BottleRocket > NVD > VulnDB	Amazon BottleRocket	Amazon BottleRocket
Google Distroless	Tracks Debian 12 (Bookworm)	Google Distroless	NVD	NVD	Google Distroless > NVD > VulnDB	Google Distroless	Google Distroless
Flatcar	All versions	Gentoo GLSA	NVD	Gentoo Impact	Gentoo GLSA > NVD > VulnDB	Gentoo GLSA	Gentoo GLSA
Alma Linux	8 9	Alma Linux	NVD	Alma Severity	Alma Linux > NVD > VulnDB	Alma Linux	Alma Linux
OpenSuse	15.5 15.6 tumbleweed	Suse	NVD	Suse Severity	Suse > NVD > VulnDB	Suse	Suse
Azure Linux	3.0	Azure Linux	NVD	NVD	Azure Linux > NVD > VulnDB	Azure Linux	Azure Linux
CBL Mariner	1.0 2.0	CBL Mariner	NVD	NVD	CBL Mariner > NVD > VulnDB	CBL Mariner	CBL Mariner
Suse Linux Micro	6.0 6.1	Suse	NVD	Suse Severity	Suse > NVD > VulnDB	Suse	Suse
Suse Enterprise Linux	SUSE Linux Enterprise Server 12 SP4 and SP5 SUSE Linux Enterprise Server 15 SP3, SP4, SP5 and SP6	Suse	NVD	Suse Severity	Suse > NVD > VulnDB	Suse	Suse
PhotonOS	1.0 2.0 3.0 4.0 5.0	PhotonOS	NVD	PhotonOS	PhotonOS > NVD > VulnDB	PhotonOS	PhotonOS
Windows Server	Windows Server 2019, 2022 Windows Server Core 2019, 2022	Microsoft	NVD	Microsoft	Microsoft > NVD > VulnDB	Microsoft	Microsoft

Non-OS-Based Sources and Supported Package Types

Non‑OS‑Based Sources	Matched Package Types	Source	CVSS Score	Severity	Fix Date	Publish Date	Disclosure Date
NPM (JavaScript)	NPM (JavaScript)	NPM	NVD	NVD	VulnDB	NPM	NPM
Python (Pypi)	Python	Python Advisory > GitHub > GitLab	NVD	NVD	VulnDB	Python Advisory	Python Advisory
Ruby	Ruby Gems	GitHub > GitLab > Ruby Advisory	NVD	NVD	VulnDB	GitHub	GitHub
Rust	Cargo (Rust)	GitHub	NVD	NVD	VulnDB	GitHub	GitHub
Go	Golang (built with Go 1.13+) Go Runtime	GitHub > GitLab > Go Vulnerability Database	NVD	NVD	VulnDB	GitHub	GitHub
Java	Java JAR WAR EAR	GitHub > GitLab	NVD	NVD	VulnDB	GitHub	GitHub
PHP	Composer (PHP)	PHP Advisory > GitHub > GitLab	NVD	NVD	VulnDB	PHP Advisory	PHP Advisory
C#	NuGet (.Net)	GitHub	NVD	NVD	VulnDB	GitHub	GitHub

Column Legend

Column	Description
Source	The specific database or advisory where Sysdig matches vulnerabilities, whether it’s from a vendor, an operating system, or a non‑OS package.
Matched Package Types / Versions	The programming languages or operating system versions that are scanned for vulnerabilities, matched against specific sources. For packages, it indicates supported types, and for OS, the supported versions.
CVSS Score	The primary vulnerability score, such as NVD, displayed in the UX or reports. Additional scores from vendor-specific sources may also be available.
Severity	The primary severity level derived from the score, shown in the UX or reports. Vendor-specific severities may also be displayed where applicable.
Fix Date	For OS-based sources, this field indicates the scheduled remediation date determined by a hierarchy: Vendor Fix Date > NVD Fix Date > VulnDB Fix Date. For non‑OS‑based sources—where a dedicated fix date isn’t provided—this field is marked as N/A.
Publish Date	The date the vulnerability was published, sourced directly from the vendor’s security feed.
Disclosure Date	The date the vulnerability was publicly disclosed, also sourced directly from the vendor’s security feed.