Remic is a vulnerability scanner that detects publicly disclosed vulnerabilities in application dependencies.
Usage
$ remic -h
NAME:
  remic - A simple and fast tool for detecting vulnerabilities in application dependencies
USAGE:
  remic [options] file
VERSION:
  0.0.2
OPTIONS:
  --format value, -f value    format (table, json) (default: "table")
  --severity value, -s value  severity of vulnerabilities to be displayed (default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL")
  --output value, -o value    output file name
  --exit-code value           Exit code when vulnerabilities were found (default: 0)
  --skip-update               skip db update
  --ignore-unfixed            display only fixed vulnerabilities
  --debug, -d                 debug mode
  --help, -h                  show help
  --version, -v               print the version
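Vulnerability detection
Remic automatically detects the following files in the container and scans the application dependencies for vulnerabilities.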
Gemfile.lock
Pipfile.lock
composer.lock
package-lock.json
yarn.lock
Cargo.lock
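Because --exit-code defaults to 0, a scan that finds vulnerabilities still reports success to a build pipeline. The script below is an added example, not part of remic or of the original article: it locates the lock files listed above in a project tree and fails when remic reports HIGH or CRITICAL findings. The function names, the return codes 2 and 3, and the skipped directories are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not part of remic): fail a build on HIGH/CRITICAL findings.
# Lock file names are the ones listed above.
LOCKFILES="Gemfile.lock Pipfile.lock composer.lock package-lock.json yarn.lock Cargo.lock"

# find_lockfiles DIR: print each supported lock file under DIR, one per line.
# Assumption: node_modules and .git are skipped so that lock files shipped
# inside installed packages do not drown out the project's own.
find_lockfiles() {
    set -- "$1" \( -name node_modules -o -name .git \) -prune -o -type f \(
    first=1
    for name in $LOCKFILES; do
        [ "$first" -eq 1 ] || set -- "$@" -o
        set -- "$@" -name "$name"
        first=0
    done
    find "$@" \) -print | sort
}

# scan_tree DIR: run remic on every lock file found.
# Returns 0 = clean, 1 = findings or scan error, 2 = remic missing,
# 3 = nothing to scan (kept distinct so a wrong path is not read as "clean").
scan_tree() {
    command -v remic >/dev/null 2>&1 || { echo "remic not found" >&2; return 2; }
    list=$(find_lockfiles "$1")
    [ -n "$list" ] || { echo "no lock files under $1" >&2; return 3; }
    failed=0
    # Here-document keeps the loop in the current shell so $failed survives.
    while IFS= read -r f; do
        echo "== $f"
        # --exit-code 1 makes remic exit non-zero when vulnerabilities are found.
        remic --severity HIGH,CRITICAL --exit-code 1 "$f" </dev/null || failed=1
    done <<EOF
$list
EOF
    return "$failed"
}

# Run as: sh scan.sh /path/to/project   (scan.sh is a hypothetical file name)
if [ "$#" -gt 0 ]; then
    scan_tree "$1"
    exit $?
fi
```

Any non-zero exit from remic, including a scan error, is treated as a failure, so the gate fails closed.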
Article source:
https://github.com/knqyf263/remic






