VulnDB and GitHub
VulnDB provides GitHub users a vulnerability database that is actionable, easy-to-read and understandable for developers and sysadmins who need to fix vulnerabilities.
Not only is VulnDB the world’s most comprehensive, detailed and timely vulnerability intelligence source, but it is also easy for developers to integrate into any vulnerability scanner, report generator, penetration testing or related tool.
VulnDB can automatically generate an Application that matches the dependencies used in your project. Please provide us with a name for your Application, and up to 3 dependency files. Currently, we support the following languages and file types:
- .NET: packages.config
- Java: pom.xml
- JavaScript: package-lock.json, yarn.lock, package.json
- PHP: composer.lock
- Python: requirements.txt, Pipfile, Pipfile.lock
- Ruby: Gemfile.lock