Hi
I see there a page in the wiki for a tool called cvechecker (https://wiki.alpinelinux.org/wiki/Cvechecker), According to the wiki it should give CVEs on installed packages of Alpine... The page was last updated on 2013.
I tried the tool and noticed that it is working against the NVD DB, which is a good start :-). But it works with the CPEs, and it can lea to False Positives and False negatives (For example it won’t list nginx vulnerability CVE-2019-9511)
Any advice how can I use this tool to achieve my goal to detect CVEs on alpine installation and packages?
Thank