<ul><li>Grype is an open source vulnerability scanner for container images and filesystems.</li><li>The tool compares the software packages in an image against a database of known vulnerabilities.</li><li>Grype relies on upstream data providers to obtain vulnerability data.</li><li>The providers include Alpine, Amazon, Debian, GitHub Security Advisories, NVD, Oracle, RedHat, SLES, Ubuntu, and Wolfi.</li><li>Grype uses vunnel and grype-db open-source tools to build its vulnerability.db database.</li><li>The vulnerability.db file can be built manually if you want to use only a subset of upstream sources or create a custom database.</li><li>The file has five tables, but only two tables store significant data: vulnerability_metadata and vulnerability.</li><li>Ubuntu, NVD, and Susa have the most entries in the vulnerability_metadata table.</li><li>The data in the vulnerability.db file can be helpful in platform security and broader CVE trends analysis.</li><li>In conclusion, Grype's open data pipeline makes its vulnerability.db more flexible and useful.</li></ul>

Deep Dive 🤿: Where Does Grype Data Come From?

Discover more