Importers

Importer Name

Data Source

Ecosystems Covered

rust

https://github.com/RustSec/advisory-db

rust crates

alpine

https://secdb.alpinelinux.org/

alpine packages

archlinux

https://security.archlinux.org/json

arch packages

debian

https://security-tracker.debian.org/tracker/data/json

debian packages

npm

https://github.com/nodejs/security-wg.git

npm packages

ruby

https://github.com/rubysec/ruby-advisory-db.git

ruby gems

ubuntu

ubuntu packages

retiredotnet

https://github.com/RetireNet/Packages.git

.NET packages

suse_backports

http://ftp.suse.com/pub/projects/security/yaml/

SUSE packages

debian_oval

https://www.debian.org/security/oval/

debian packages

redhat

https://access.redhat.com/hydra/rest/securitydata/cve.json

rpm packages

nvd

https://nvd.nist.gov/vuln/data-feeds#JSON_FEED

none

gentoo

https://anongit.gentoo.org/git/data/glsa.git

gentoo packages

openssl

https://www.openssl.org/news/vulnerabilities.xml

openssl

ubuntu_usn

https://usn.ubuntu.com/usn-db/database-all.json.bz2

ubuntu packages

github

https://api.github.com/graphql

maven, .NET, php-composer, pypi packages. ruby gems

msr2019

https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv

maven packages

apache_httpd

https://httpd.apache.org/security/json

apache-httpd

kaybee

https://github.com/SAP/project-kb.git

maven packages

nginx

http://nginx.org/en/security_advisories.html

nginx

postgresql

https://www.postgresql.org/support/security/

postgresql

elixir_security

https://github.com/dependabot/elixir-security-advisories

hex packages

suse_scores

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

vulnerability severity scores by SUSE

mozilla

https://github.com/mozilla/foundation-security-advisories

mozilla

mattermost

https://mattermost.com/security-updates/

mattermost server, desktop and mobile apps