grype icon indicating copy to clipboard operation
grype copied to clipboard
verified publisher icon anchore

Support Photon OS CVE Feeds

Open cjnosal opened this issue 4 years ago • 3 comments

What would you like to be added: Support for identifying vulnerable packages in Photon OS

Why is this needed: To ensure photon-based containers are not vulnerable

Additional context: Syft support for Photon: https://github.com/anchore/syft/pull/341 CVE feed: https://packages.vmware.com/photon/photon_cve_metadata/

cjnosal avatar Jun 24 '21 19:06 cjnosal

+1

cburgess avatar Oct 21 '21 20:10 cburgess

I will add that trivy has support for this.

cburgess avatar Jan 26 '22 18:01 cburgess

👋 Thanks for the issue @xtreme-conor-nosal. Apologies for the wait here, but we're currently working on a way for vulnerability sources easier for community members to add. While we don't have plans to add this support at this exact moment stay tuned for updates...

spiffcs avatar Sep 08 '22 20:09 spiffcs