CVE
Analyzer
Vulnerability Intelligence
⬡ Required Preparation Commands
Generate SBOM (JSON format):
$
sudo syft scan dir:/var/lib/dpkg -o spdx-json > sbom.json
Generate Active Vulnerability List:
$
sudo debsecan --suite sid | grep -v "fixed" | grep -v "obsolete" > OPENVED.txt
sbom.json
SPDX-JSON · syft output
loaded
OPENVED.txt
Filtered debsecan output
loaded
Limit: 20 CVEs (fast)
Limit: 50 CVEs
Limit: 100 CVEs
No limit (all CVEs)
All severities
Critical only
Critical + High
⬡ Run Analysis
Pipeline Log
--:--:--
// drop sbom.json and/or OPENVED.txt to begin
// Analysis Complete
Download Report (.docx)
Download Detailed Log