├── Makefile ├── README.md ├── cmd └── main.go ├── go.mod ├── go.sum ├── internal ├── utils.go └── vulners.go ├── plugin.yaml ├── vulners-trivy-output.png └── vulners-trivy.png /Makefile: -------------------------------------------------------------------------------- 1 | APP?=trivy-vulners-db 2 | 3 | build: 4 | go build -buildvcs=false -o ./bin/${APP} ./cmd -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # trivy-plugin-vulners-db 2 | 3 | Enchance Trivy security scanner with vulners.com database with AI based vulnerability scoring, exploit prediction, analytics and more: 4 | 5 | ![vulners-trivy.png](vulners-trivy.png) 6 | 7 | - **vulnersScore** - [AI based](https://vulners.com/blog/ai-score/) vulnerability score 8 | - **epss** - [Exploit Prediction Scoring System](https://vulners.com/blog/epss-exploit-prediction-scoring-system/) score 9 | - **cvss2**, **cvss3** - CVSS v2 and v3 [scores](https://vulners.com/blog/cvss-common-vulnerability-scoring-system/) 10 | - **aiDescription** - Shortened vulnerability description 11 | - **aiTags** - Tags showing vulnerability types, vendor and product names 12 | - **isWildExploited** - known facts of vulnerability exploited in the wild 13 | - **exploitsCount** - number of known exploits for vulnerability 14 | - **href** - link to vulnerability page on vulners.com 15 | 16 | ## Installation 17 | 18 | - Install plugin using trivy plugin command 19 | 20 | `trivy plugin install github.com/vulnersCom/trivy-plugin-vulners-db` 21 | 22 | 23 | - Download vulners enriched database using [vulners api-key](https://vulners.com/userinfo?tab=api-keys) 24 | 25 | `trivy vulners-db --api-key ` 26 | 27 | ## So, enjoy enriched database 28 | 29 | For example try this out 30 | 31 | `trivy image python:3.4-alpine -f json` 32 | ![vulners-trivy-output.png](vulners-trivy-output.png) 33 | -------------------------------------------------------------------------------- /cmd/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "github.com/aquasecurity/trivy/pkg/utils/fsutils" 5 | "github.com/sirupsen/logrus" 6 | "github.com/spf13/cobra" 7 | "io" 8 | "log" 9 | "os" 10 | "trivy-plugin-vulners/internal" 11 | ) 12 | 13 | func main() { 14 | Execute() 15 | } 16 | func Execute() { 17 | rootCmd.SetOut(os.Stdout) 18 | rootCmd.SetErr(os.Stderr) 19 | 20 | if err := rootCmd.Execute(); err != nil { 21 | os.Exit(1) 22 | } 23 | } 24 | 25 | var ( 26 | cacheDir string 27 | apiKey string 28 | ) 29 | 30 | var rootCmd = &cobra.Command{ 31 | Use: "trivy-plugin-vulners-db", 32 | Short: "trivy-plugin-vulners-db", 33 | Long: "trivy-plugin-vulners-db", 34 | SilenceUsage: true, 35 | Version: "0.1", 36 | Args: cobra.ExactArgs(0), 37 | RunE: func(cmd *cobra.Command, args []string) error { 38 | if err := setUpLogs(os.Stdout, "info"); err != nil { 39 | return err 40 | } 41 | if len(apiKey) == 0 { 42 | log.Fatalf("Missing api key") 43 | } 44 | 45 | if len(cacheDir) == 0 { 46 | cacheDir = fsutils.CacheDir() 47 | } 48 | internal.Download(cacheDir, apiKey) 49 | return nil 50 | }, 51 | } 52 | 53 | func init() { 54 | rootCmd.Flags().StringVarP(&cacheDir, "cache-dir", "", "", "cache dir") 55 | rootCmd.Flags().StringVarP(&apiKey, "api-key", "", "", "vulners api key") 56 | } 57 | 58 | func setUpLogs(out io.Writer, level string) error { 59 | logrus.SetOutput(out) 60 | lvl, err := logrus.ParseLevel(level) 61 | if err != nil { 62 | return err 63 | } 64 | logrus.SetLevel(lvl) 65 | return nil 66 | } 67 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module trivy-plugin-vulners 2 | 3 | go 1.21 4 | 5 | require ( 6 | github.com/aquasecurity/trivy v0.46.1 7 | github.com/aquasecurity/trivy-db v0.0.0-20231005141211-4fc651f7ac8d 8 | github.com/cavaliergopher/grab/v3 v3.0.1 9 | github.com/sirupsen/logrus v1.9.3 10 | github.com/spf13/cobra v1.8.0 11 | ) 12 | 13 | require ( 14 | github.com/aquasecurity/go-dep-parser v0.0.0-20231013060839-6f348921ea39 // indirect 15 | github.com/davecgh/go-spew v1.1.1 // indirect 16 | github.com/inconshreveable/mousetrap v1.1.0 // indirect 17 | github.com/kr/pretty v0.3.1 // indirect 18 | github.com/masahiro331/go-xfs-filesystem v0.0.0-20230608043311-a335f4599b70 // indirect 19 | github.com/pmezard/go-difflib v1.0.0 // indirect 20 | github.com/spf13/pflag v1.0.5 // indirect 21 | github.com/stretchr/objx v0.5.0 // indirect 22 | github.com/stretchr/testify v1.8.4 // indirect 23 | go.etcd.io/bbolt v1.3.7 // indirect 24 | go.uber.org/multierr v1.11.0 // indirect 25 | go.uber.org/zap v1.26.0 // indirect 26 | golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect 27 | golang.org/x/sys v0.13.0 // indirect 28 | golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect 29 | gopkg.in/yaml.v3 v3.0.1 // indirect 30 | ) 31 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30xLN2sUZcMXl50hg+PJCIDdJgIvIbVcKqLJ/ZrtM= 2 | github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986/go.mod h1:NT+jyeCzXk6vXR5MTkdn4z64TgGfE5HMLC8qfj5unl8= 3 | github.com/aquasecurity/go-dep-parser v0.0.0-20231013060839-6f348921ea39 h1:5yB6PHCaU4yZzN1mMFnrpBerz2pgqYdDRRVSOj4EjVo= 4 | github.com/aquasecurity/go-dep-parser v0.0.0-20231013060839-6f348921ea39/go.mod h1:RpdbxLhxxvWmv83HWNEiv+reFkmnV+GqHqr66mIU8nU= 5 | github.com/aquasecurity/trivy v0.46.1 h1:YYqPwWTWXSYXgvExbopENlUP3Eztd+gTznnD+ZbHWvc= 6 | github.com/aquasecurity/trivy v0.46.1/go.mod h1:jOm8rwmwcZ2w9myAiOvS30MjKmJvpHTWRvUzPSXAvyw= 7 | github.com/aquasecurity/trivy-db v0.0.0-20231005141211-4fc651f7ac8d h1:fjI9mkoTUAkbGqpzt9nJsO24RAdfG+ZSiLFj0G2jO8c= 8 | github.com/aquasecurity/trivy-db v0.0.0-20231005141211-4fc651f7ac8d/go.mod h1:cj9/QmD9N3OZnKQMp+/DvdV+ym3HyIkd4e+F0ZM3ZGs= 9 | github.com/cavaliergopher/grab/v3 v3.0.1 h1:4z7TkBfmPjmLAAmkkAZNX/6QJ1nNFdv3SdIHXju0Fr4= 10 | github.com/cavaliergopher/grab/v3 v3.0.1/go.mod h1:1U/KNnD+Ft6JJiYoYBAimKH2XrYptb8Kl3DFGmsjpq4= 11 | github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= 12 | github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= 13 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 14 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 15 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 16 | github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= 17 | github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= 18 | github.com/goccy/go-yaml v1.8.1 h1:JuZRFlqLM5cWF6A+waL8AKVuCcqvKOuhJtUQI+L3ez0= 19 | github.com/goccy/go-yaml v1.8.1/go.mod h1:wS4gNoLalDSJxo/SpngzPQ2BN4uuZVLCmbM4S3vd4+Y= 20 | github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= 21 | github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= 22 | github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= 23 | github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= 24 | github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= 25 | github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= 26 | github.com/masahiro331/go-xfs-filesystem v0.0.0-20230608043311-a335f4599b70 h1:X6W6raTo07X0q4pvSI/68Pj/Ic4iIU2CfQU65OH0Zhc= 27 | github.com/masahiro331/go-xfs-filesystem v0.0.0-20230608043311-a335f4599b70/go.mod h1:QKBZqdn6teT0LK3QhAf3K6xakItd1LonOShOEC44idQ= 28 | github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= 29 | github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= 30 | github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= 31 | github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= 32 | github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= 33 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 34 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 35 | github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= 36 | github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= 37 | github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 38 | github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= 39 | github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= 40 | github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= 41 | github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= 42 | github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= 43 | github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= 44 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 45 | github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= 46 | github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= 47 | github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= 48 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 49 | github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 50 | github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= 51 | github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= 52 | github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= 53 | go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ= 54 | go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= 55 | go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= 56 | go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= 57 | go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= 58 | go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= 59 | go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= 60 | go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= 61 | golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= 62 | golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= 63 | golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 64 | golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= 65 | golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 66 | golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= 67 | golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= 68 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 69 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= 70 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= 71 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 72 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= 73 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 74 | -------------------------------------------------------------------------------- /internal/utils.go: -------------------------------------------------------------------------------- 1 | package internal 2 | 3 | import ( 4 | "archive/tar" 5 | "compress/gzip" 6 | "io" 7 | "log" 8 | "os" 9 | "path/filepath" 10 | ) 11 | 12 | func extractTarGz(filename string, destination string) error { 13 | gzipStream, err := os.Open(filename) 14 | if err != nil { 15 | log.Fatal("Can't open file") 16 | return err 17 | } 18 | 19 | uncompressedStream, err := gzip.NewReader(gzipStream) 20 | if err != nil { 21 | log.Fatal("NewReader failed") 22 | return err 23 | } 24 | 25 | tarReader := tar.NewReader(uncompressedStream) 26 | 27 | for true { 28 | header, err := tarReader.Next() 29 | 30 | if err == io.EOF { 31 | break 32 | } 33 | 34 | if err != nil { 35 | log.Fatalf("Next failed: %s", err.Error()) 36 | return err 37 | } 38 | 39 | switch header.Typeflag { 40 | case tar.TypeDir: 41 | if err := os.Mkdir(header.Name, 0755); err != nil { 42 | log.Fatalf("Mkdir failed: %s", err.Error()) 43 | return err 44 | } 45 | case tar.TypeReg: 46 | destinationFilename := filepath.Join(destination, "trivy.db") 47 | 48 | _, err := os.Stat(destinationFilename) 49 | if !os.IsNotExist(err) { 50 | _ = os.Remove(destinationFilename) 51 | } 52 | 53 | outputFile, err := os.Create(destinationFilename) 54 | if err != nil { 55 | log.Fatalf("Create failed: %s", err.Error()) 56 | return err 57 | } 58 | if _, err := io.Copy(outputFile, tarReader); err != nil { 59 | log.Fatalf("Copy failed: %s", err.Error()) 60 | return err 61 | } 62 | 63 | _ = outputFile.Close() 64 | 65 | default: 66 | log.Fatalf( 67 | "Uknown type: %s in %s", 68 | header.Typeflag, 69 | header.Name) 70 | } 71 | 72 | } 73 | 74 | _ = gzipStream.Close() 75 | 76 | _ = os.Remove(filename) 77 | 78 | return nil 79 | } 80 | -------------------------------------------------------------------------------- /internal/vulners.go: -------------------------------------------------------------------------------- 1 | package internal 2 | 3 | import ( 4 | "errors" 5 | "github.com/aquasecurity/trivy-db/pkg/metadata" 6 | "github.com/cavaliergopher/grab/v3" 7 | "log" 8 | "os" 9 | "path/filepath" 10 | "time" 11 | ) 12 | 13 | func Download(cacheDir string, apiKey string) { 14 | dbPath := filepath.Join(cacheDir, "db") 15 | if _, err := os.Stat(dbPath); errors.Is(err, os.ErrNotExist) { 16 | err := os.MkdirAll(dbPath, 0755) 17 | if err != nil { 18 | log.Fatalf("Can't create dir: %v", err) 19 | } 20 | } 21 | 22 | client := grab.NewClient() 23 | req, _ := grab.NewRequest(dbPath, "https://vulners.com/api/v3/trivy/free?apiKey="+apiKey) 24 | 25 | log.Printf("Downloading: %v", req.URL()) 26 | resp := client.Do(req) 27 | log.Printf("Response statys: %v", resp.HTTPResponse.Status) 28 | 29 | t := time.NewTicker(500 * time.Millisecond) 30 | defer t.Stop() 31 | 32 | Loop: 33 | for { 34 | select { 35 | case <-t.C: 36 | log.Printf("Transferred: %v bytes", resp.BytesComplete()) 37 | case <-resp.Done: 38 | break Loop 39 | } 40 | } 41 | 42 | if err := resp.Err(); err != nil { 43 | log.Fatalf("Download failed: %v", err) 44 | } 45 | 46 | log.Printf("Download saved to: %v ", resp.Filename) 47 | 48 | err := extractTarGz(resp.Filename, dbPath) 49 | if err != nil { 50 | log.Fatalf("Can't extract: %v", err) 51 | } 52 | 53 | dbMetadata := createMetadata() 54 | 55 | dbMetadataClient := metadata.NewClient(cacheDir) 56 | err = dbMetadataClient.Update(dbMetadata) 57 | if err != nil { 58 | log.Fatalf("Update dbMetadata failed: %v", err) 59 | } 60 | 61 | } 62 | 63 | func createMetadata() metadata.Metadata { 64 | dbMetadata := metadata.Metadata{} 65 | dbMetadata.Version = 2 66 | dbMetadata.DownloadedAt = time.Now().UTC() 67 | dbMetadata.UpdatedAt = time.Now().UTC() 68 | dbMetadata.NextUpdate = time.Now().UTC().AddDate(1, 0, 0) 69 | return dbMetadata 70 | } 71 | -------------------------------------------------------------------------------- /plugin.yaml: -------------------------------------------------------------------------------- 1 | name: "vulners-db" 2 | repository: github.com/vulnersCom/trivy-plugin-vulners-db 3 | version: "0.0.1" 4 | usage: trivy vulners-db -- -- 5 | description: |- 6 | A Trivy plugin that download custom trivy db. 7 | Usage: trivy vulners-db -- -- 8 | platforms: 9 | - selector: 10 | os: linux 11 | arch: amd64 12 | uri: https://github.com/vulnersCom/trivy-plugin-vulners-db/releases/download/v0.0.1/trivy-vulners-db_0.0.1_linux_amd64.tar.gz 13 | bin: ./trivy-vulners-db 14 | - selector: 15 | os: darwin 16 | arch: arm64 17 | uri: https://github.com/vulnersCom/trivy-plugin-vulners-db/releases/download/v0.0.1/trivy-vulners-db_0.0.1_darwin_arm64.tar.gz 18 | bin: ./trivy-vulners-db 19 | - selector: 20 | os: windows 21 | arch: amd64 22 | uri: https://github.com/vulnersCom/trivy-plugin-vulners-db/releases/download/v0.0.1/trivy-vulners-db_0.0.1_windows_amd64.tar.gz 23 | bin: ./trivy-vulners-db -------------------------------------------------------------------------------- /vulners-trivy-output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vulnersCom/trivy-plugin-vulners-db/1132a38cb759e742a4216a4a37196e485d60c0e7/vulners-trivy-output.png -------------------------------------------------------------------------------- /vulners-trivy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vulnersCom/trivy-plugin-vulners-db/1132a38cb759e742a4216a4a37196e485d60c0e7/vulners-trivy.png --------------------------------------------------------------------------------