Skip to content
forked from anchore/vunnel

Tool for collecting vulnerability data from various sources (used to build the grype database)

License

Notifications You must be signed in to change notification settings

msmeissn/vunnel

 
 

Repository files navigation

vunnel

A tool for fetching, transforming, and storing vulnerability data from a variety of sources.

vunnel-demo

Supported data sources:

Installation

With pip:

pip install vunnel

With docker:

docker run \
  --rm -it \
  -v $(pwd)/data:/data \
  -v $(pwd)/.vunnel.yaml:/.vunnel.yaml \
    ghcr.io/anchore/vunnel:latest  \
      run nvd

Where:

  • the data volume keeps the processed data on the host
  • the .vunnel.yaml uses the host application config (if present)
  • you can swap latest for a specific version (same as the git tags)

See the vunnel package for a full listing of available tags.

Getting Started

List the available vulnerability data providers:

$ vunnel list

alpine
amazon
chainguard
debian
github
mariner
nvd
oracle
rhel
sles
ubuntu
wolfi

Download and process a provider:

$ vunnel run wolfi

2023-01-04 13:42:58 root [INFO] running wolfi provider
2023-01-04 13:42:58 wolfi [INFO] downloading Wolfi secdb https://packages.wolfi.dev/os/security.json
2023-01-04 13:42:59 wolfi [INFO] wrote 56 entries
2023-01-04 13:42:59 wolfi [INFO] recording workspace state

You will see the processed vulnerability data in the local ./data directory

$ tree data

data
└── wolfi
    ├── checksums
    ├── metadata.json
    ├── input
    │   └── secdb
    │       └── os
    │           └── security.json
    └── results
        └── wolfi:rolling
            ├── CVE-2016-2781.json
            ├── CVE-2017-8806.json
            ├── CVE-2018-1000156.json
            └── ...

Note: to get more verbose output, use -v, -vv, or -vvv (e.g. vunnel -vv run wolfi)

Delete existing input and result data for one or more providers:

$ vunnel clear wolfi

2023-01-04 13:48:31 root [INFO] clearing wolfi provider state

Example config file for changing application behavior:

# .vunnel.yaml
root: ./processed-data

log:
  level: trace

providers:
  wolfi:
    request_timeout: 125
    runtime:
      existing_input: keep
      existing_results: delete-before-write
      on_error:
        action: fail
        input: keep
        results: keep
        retry_count: 3
        retry_delay: 10

Use vunnel config to get a better idea of all of the possible configuration options.

FAQ

Can I implement a new provider?

Yes you can! See the provider docs for more information.

Why is it called "vunnel"?

This tool "funnels" vulnerability data into a single spot for easy processing... say "vulnerability data funnel" 100x fast enough and eventually it'll slur to "vunnel" :).

About

Tool for collecting vulnerability data from various sources (used to build the grype database)

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 98.6%
  • Makefile 1.3%
  • Dockerfile 0.1%