LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
This adds the ingester that downloads the latest CSV of the CISA Known Vulnerabilities, aka CVEs which are known to be exploited in the wild by attackers.
Tested this locally and there are only 10 vulnerabilities in our DB which we're missing in our DB, and they all seem to affect iOS devices only :)
You can test for all vulns not in the DB with this query:
-- Find all the CVEs that are not in the CISA list.
SELECT * FROM vulnerability.cisa_known_exploited_vulnerabilities cve
WHERE NOT EXISTS (SELECT 1 FROM vulnerability.vulnerability v WHERE v.cisa_known_exploited_cve = cve.cve);
This adds the ingester that downloads the latest CSV of the CISA Known Vulnerabilities, aka CVEs which are known to be exploited in the wild by attackers.
Tested this locally and there are only 10 vulnerabilities in our DB which we're missing in our DB, and they all seem to affect iOS devices only :)
You can test for all vulns not in the DB with this query:
Screenshot from my IDE: