Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ppxl/harbor-cve-finder

Comfortably find CVEs in your Harbor container image registry
https://github.com/ppxl/harbor-cve-finder

container cve harbor-registry registry

Last synced: about 1 month ago
JSON representation

Comfortably find CVEs in your Harbor container image registry

Awesome Lists containing this project

README 

        
# harbor-cve-finder



`harbor-cve-finder` (hcf) is a tool which polls information from a configurable Harbor instance in order to analyze CVE reports.



Run `hcf` like this.



the switch `-p`/`--package` may contain a substring expression of the package with a CVE finding. Currently only CVEs of the range `HIGH` and `CRITICAL` will be shown. Future versions will make this configurable.



```bash

go run -e find https://your/harbor/registry -p openssh

Username: yourUsername

Password:

...

Looking at project1/your-repo-cluster

Found vuln in project1/your-repo-cluster:1.0.0: CVE-2024-6387 in package openssh-client

Looking at project1/your-repo2

Found vuln in project1/your-repo2:1.1.0: CVE-2024-6387 in package openssh-client

Found vuln in project1/your-repo2:1.0.1: CVE-2024-6387 in package openssh-client

Found vuln in project1/your-repo2:1.0.0: CVE-2024-6387 in package openssh-client

Looking at another-project/pyenv

Looking at another-project/ki-python

Looking at another-project/pycharm

Looking at another-project/intellij

Looking at another-project/nvm

Looking at another-project/code-server-extensions

```



You can also download a compiled AMD64 Linux binary from the [Releases section](https://github.com/ppxl/harbor-cve-finder/releases) and run that instead of installing Go first ;)