Ce contenu n'est pas disponible dans la langue sélectionnée.
Chapter 1. Searching for vulnerability information
You can use the Trusted Profile Analyzer service to find existing Software Bill of Materials (SBOM), Vulnerability Exploitability eXchange (VEX) documents, and common vulnerability and exposure (CVE) information for Red Hat products and packages.
For this Technical Preview release, Trusted Profile Analyzer provides only information for the following Red Hat products:
- Red Hat Enterprise Linux Universal Base Image (UBI) versions 8 and 9.
- The Java Quarkus library.
Prerequisites
- A Red Hat user account to access the Red Hat Hybrid Cloud Console.
Procedure
- Open a web browser.
- Go to the Application and Data Services home page on the Hybrid Cloud Console.
- If prompted, log into the Hybrid Cloud Console with your credentials.
- On the navigation menu, click Trusted Profile Analyzer.
On the Trusted Profile Analyzer home page, click the Subscribe and launch button. A new web browser window opens to the Trusted Profile Analyzer console home page.
NoteBy subscribing, your registered email address goes onto the product mailing list, so you can receive information on new product developments.
- On the Home page, in the search field, enter your search criteria and click Search.
On the search results page, you can filter the results by Red Hat products, download SBOM files, view package vulnerability information, and view any possible remediations.
NoteThe number shown on the Advisories tab is how many times your search criteria made a match. On the Products and containers tab, the number in the Product advisories column shows the number of advisories for that specific product.