feat: fetch k8s cves from kubernetes-sigs/cve-feed-osv

aquasecurity / trivy-db

Apache License 2.0

215 stars 131 forks source link

feat: fetch k8s cves from kubernetes-sigs/cve-feed-osv #420

Closed chen-keinan closed 2 months ago

chen-keinan commented 2 months ago

Description

The purpose of this change is to collect kubernetes cves data from kubernetes-sigs/cve-feed-osv which is relable and has osv format, instead of the existing k8s collector

Related https://github.com/kubernetes-sigs/cve-feed-osv/issues/1

knqyf263 commented 2 months ago

Yes, we should stop vuln-list-k8s and archive it.