Importer Name Data Source Ecosystems Covered rust https://github.com/RustSec/advisory-db rust crates alpine https://secdb.alpinelinux.org/ alpine packages archlinux https://security.archlinux.org/json arch packages debian https://security-tracker.debian.org/tracker/data/json debian packages npm https://github.com/nodejs/security-wg.git npm packages ruby https://github.com/rubysec/ruby-advisory-db.git ruby gems ubuntu ubuntu packages retiredotnet https://github.com/RetireNet/Packages.git .NET packages suse_backports http://ftp.suse.com/pub/projects/security/yaml/ SUSE packages debian_oval https://www.debian.org/security/oval/ debian packages redhat https://access.redhat.com/hydra/rest/securitydata/cve.json rpm packages nvd https://nvd.nist.gov/vuln/data-feeds#JSON_FEED none gentoo https://anongit.gentoo.org/git/data/glsa.git gentoo packages openssl https://www.openssl.org/news/vulnerabilities.xml openssl ubuntu_usn https://usn.ubuntu.com/usn-db/database-all.json.bz2 ubuntu packages github https://api.github.com/graphql maven, .NET, php-composer, pypi packages. ruby gems msr2019 https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv maven packages apache_httpd https://httpd.apache.org/security/json apache-httpd kaybee https://github.com/SAP/project-kb.git maven packages nginx http://nginx.org/en/security_advisories.html nginx postgresql https://www.postgresql.org/support/security/ postgresql elixir_security https://github.com/dependabot/elixir-security-advisories hex packages suse_scores https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml vulnerability severity scores by SUSE mozilla https://github.com/mozilla/foundation-security-advisories mozilla mattermost https://mattermost.com/security-updates/ mattermost server, desktop and mobile apps