GLVD (Garden Linux Vulnerability Database) is an application for tracking security issues in Garden Linux. It combines information from public resources such as the NIST National Vulnerability Database (NVD), the Debian Security Tracker, and kernel.org with our own triage information. GLVD helps you stay informed about vulnerabilities affecting Garden Linux.
- Aggregates vulnerability data from multiple trusted sources
- Tracks and triages security issues specific to Garden Linux
- Provides a REST API and web interface for querying vulnerabilities
- Supports automated data ingestion and schema management
- Easily deployable via Kubernetes or Compose
GLVD is composed of several modular components, each maintained in its own repository within the gardenlinux GitHub organization:
PostgreSQL database for storing vulnerability data. Includes a Containerfile for easy deployment.
Automates schema creation and imports vulnerability data from external sources (NVD, Debian Security Tracker, kernel.org).
Exposes an HTTP REST API for accessing vulnerability data. Also includes a simple web interface for browsing and searching vulnerabilities.
Command-line client available via the Garden Linux APT repository for interacting with GLVD.
Manifest files for deploying GLVD on Kubernetes are available in deployment/k8s. These can be used to set up GLVD on a Gardener cluster.
To deploy, see the deploy-k8s.sh script for step-by-step instructions.
A Compose setup is provided in deployment/compose/compose.yaml.
To start GLVD locally:
podman compose --file deployment/compose/compose.yaml upThis will launch the database and backend API. Note: The database will be empty initially.
To initialize the database schema and import data:
podman run -it --rm --network=compose_glvd --env PGHOST=glvd-postgres ghcr.io/gardenlinux/glvd-init:latestWarning: This operation will reset the database. Backup your data if needed.
We welcome contributions! Please see the individual component repositories for and open issues.
- GLVD API Documentation
- For questions or support, open an issue in the relevant repository.