Name		Name	Last commit message	Last commit date
Latest commit History 12,115 Commits
.github		.github
docs		docs
hack		hack
scripts		scripts
.yam.yaml		.yam.yaml
LICENSE		LICENSE
README.md		README.md
aactl.advisories.yaml		aactl.advisories.yaml
actions-runner-controller.advisories.yaml		actions-runner-controller.advisories.yaml
addon-resizer.advisories.yaml		addon-resizer.advisories.yaml
age.advisories.yaml		age.advisories.yaml
airflow.advisories.yaml		airflow.advisories.yaml
akhq.advisories.yaml		akhq.advisories.yaml
amass.advisories.yaml		amass.advisories.yaml
amazon-corretto-crypto-provider.advisories.yaml		amazon-corretto-crypto-provider.advisories.yaml
apache-nifi.advisories.yaml		apache-nifi.advisories.yaml
apache2.advisories.yaml		apache2.advisories.yaml
apko.advisories.yaml		apko.advisories.yaml
argo-cd-2.10.advisories.yaml		argo-cd-2.10.advisories.yaml
argo-cd-2.11.advisories.yaml		argo-cd-2.11.advisories.yaml
argo-cd-2.12.advisories.yaml		argo-cd-2.12.advisories.yaml
argo-cd-2.13.advisories.yaml		argo-cd-2.13.advisories.yaml
argo-cd-2.7.advisories.yaml		argo-cd-2.7.advisories.yaml
argo-cd-2.8.advisories.yaml		argo-cd-2.8.advisories.yaml
argo-cd-2.9.advisories.yaml		argo-cd-2.9.advisories.yaml
argo-events.advisories.yaml		argo-events.advisories.yaml
argo-rollouts.advisories.yaml		argo-rollouts.advisories.yaml
argo-workflows.advisories.yaml		argo-workflows.advisories.yaml
atlantis.advisories.yaml		atlantis.advisories.yaml
atuin.advisories.yaml		atuin.advisories.yaml
authservice.advisories.yaml		authservice.advisories.yaml
avahi.advisories.yaml		avahi.advisories.yaml
aws-cli-v2.advisories.yaml		aws-cli-v2.advisories.yaml
aws-ebs-csi-driver.advisories.yaml		aws-ebs-csi-driver.advisories.yaml
aws-efs-csi-driver.advisories.yaml		aws-efs-csi-driver.advisories.yaml
aws-flb-cloudwatch.advisories.yaml		aws-flb-cloudwatch.advisories.yaml
aws-flb-firehose.advisories.yaml		aws-flb-firehose.advisories.yaml
aws-flb-kinesis.advisories.yaml		aws-flb-kinesis.advisories.yaml
aws-load-balancer-controller.advisories.yaml		aws-load-balancer-controller.advisories.yaml
aws-network-policy-agent.advisories.yaml		aws-network-policy-agent.advisories.yaml
az.advisories.yaml		az.advisories.yaml
azcopy.advisories.yaml		azcopy.advisories.yaml
azuredisk-csi-1.31.advisories.yaml		azuredisk-csi-1.31.advisories.yaml
bank-vaults.advisories.yaml		bank-vaults.advisories.yaml
bat.advisories.yaml		bat.advisories.yaml
bazel-3.advisories.yaml		bazel-3.advisories.yaml
bazelisk.advisories.yaml		bazelisk.advisories.yaml
berg.advisories.yaml		berg.advisories.yaml
bincapz.advisories.yaml		bincapz.advisories.yaml
bind.advisories.yaml		bind.advisories.yaml
binutils.advisories.yaml		binutils.advisories.yaml
bluez.advisories.yaml		bluez.advisories.yaml
bom.advisories.yaml		bom.advisories.yaml
boring-registry.advisories.yaml		boring-registry.advisories.yaml
brotli.advisories.yaml		brotli.advisories.yaml
buck2.advisories.yaml		buck2.advisories.yaml
buf.advisories.yaml		buf.advisories.yaml
buildah.advisories.yaml		buildah.advisories.yaml
buildkitd.advisories.yaml		buildkitd.advisories.yaml
busybox.advisories.yaml		busybox.advisories.yaml
byobu.advisories.yaml		byobu.advisories.yaml
c-ares.advisories.yaml		c-ares.advisories.yaml
caddy.advisories.yaml		caddy.advisories.yaml
cadvisor.advisories.yaml		cadvisor.advisories.yaml
calico-3.28.advisories.yaml		calico-3.28.advisories.yaml
calico.advisories.yaml		calico.advisories.yaml
capslock.advisories.yaml		capslock.advisories.yaml
cargo-audit.advisories.yaml		cargo-audit.advisories.yaml
cargo-c.advisories.yaml		cargo-c.advisories.yaml
cass-config-builder.advisories.yaml		cass-config-builder.advisories.yaml
cass-operator.advisories.yaml		cass-operator.advisories.yaml
cassandra-4.1.advisories.yaml		cassandra-4.1.advisories.yaml
cassandra-5.0.advisories.yaml		cassandra-5.0.advisories.yaml
cassandra-reaper.advisories.yaml		cassandra-reaper.advisories.yaml
cbindgen.advisories.yaml		cbindgen.advisories.yaml
cert-exporter.advisories.yaml		cert-exporter.advisories.yaml
cert-manager-1.11.advisories.yaml		cert-manager-1.11.advisories.yaml
cert-manager-1.12.advisories.yaml		cert-manager-1.12.advisories.yaml
cert-manager-1.13.advisories.yaml		cert-manager-1.13.advisories.yaml
cert-manager-1.14.advisories.yaml		cert-manager-1.14.advisories.yaml
cert-manager-1.15.advisories.yaml		cert-manager-1.15.advisories.yaml
cert-manager-cmctl.advisories.yaml		cert-manager-cmctl.advisories.yaml
cert-manager-webhook-pdns.advisories.yaml		cert-manager-webhook-pdns.advisories.yaml
certificate-transparency.advisories.yaml		certificate-transparency.advisories.yaml
cfssl.advisories.yaml		cfssl.advisories.yaml
chartmuseum.advisories.yaml		chartmuseum.advisories.yaml
checkov.advisories.yaml		checkov.advisories.yaml
chezmoi.advisories.yaml		chezmoi.advisories.yaml
chromium.advisories.yaml		chromium.advisories.yaml
cilium-1.14.advisories.yaml		cilium-1.14.advisories.yaml
cilium-1.15.advisories.yaml		cilium-1.15.advisories.yaml
cilium-1.16.advisories.yaml		cilium-1.16.advisories.yaml
cilium-cli.advisories.yaml		cilium-cli.advisories.yaml
cilium-envoy.advisories.yaml		cilium-envoy.advisories.yaml
clamav-1.2.advisories.yaml		clamav-1.2.advisories.yaml
clamav-1.3.advisories.yaml		clamav-1.3.advisories.yaml
clamav-1.4.advisories.yaml		clamav-1.4.advisories.yaml
clamav.advisories.yaml		clamav.advisories.yaml
cloud-sql-proxy.advisories.yaml		cloud-sql-proxy.advisories.yaml
cloudflared.advisories.yaml		cloudflared.advisories.yaml

Repository files navigation

advisories

Security advisory data for the Wolfi distribution.

Introduction

This repository is where we store Wolfi's security advisory data. Each Wolfi package is represented with a <package-name>.advisories.yaml file, if there are any advisories recorded for the given package.

The purpose of the advisory data is to record all investigated package vulnerabilities and indicate the latest understanding of whether or not the package is affected by the vulnerability.

Interpreting the data

Each package advisories file in this repository has a list of one or more advisories. Each advisory is named by an ID (e.g. "CVE-2023-12345") and contains a list of timestamped events that describe the investigation of a vulnerability's impact on the given package.

Event Types

For a detailed look at the current event types, see the Event Types document.

Using the data

The best way to interact with the data in this repo is to use wolfictl. Run wolfictl advisory -h to see a list of commands designed to interact with this dataset.

For example, to see advisories for every package in Wolfi:

$ wolfictl advisory list
apko: CVE-2023-28840: fixed (0.7.3-r1)
apko: CVE-2023-28841: fixed (0.7.3-r1)
apko: CVE-2023-28842: fixed (0.7.3-r1)
bind: CVE-2018-5736: fixed (9.18.10-r0)
(and so on...)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

advisories

Introduction

Interpreting the data

Event Types

Using the data

About

Contributors 56

Languages

License

wolfi-dev/advisories

Folders and files

Latest commit

History

Repository files navigation

advisories

Introduction

Interpreting the data

Event Types

Using the data

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Contributors 56

Languages