Vulnerability Explorer.

Interactive explorer for vulnerability reports in JSON or SARIF format. Works with outputs from tools like Grype or Trivy. This project is independent and not affiliated with, endorsed by, or officially supported by these tools or their maintainers.

SARIF JSON

Grype JSON

Trivy JSON

ID	[[ elem.artifact.id ]]
Name	[[ elem.artifact.name ]]
Version	`[[ elem.artifact.version ]]`
Paths	[[ artifact.locations[0].path ]]	[[ artifact.path ]]

Match Type	`CPE Match` `Exact Direct Match` `Exact Indirect Match`
Matcher	`[[ elem.matchDetails[0].matcher ]]`
Package Name	`[[ elem.matchDetails[0].searchedBy.package.name ]]`
Package Version	`[[ elem.matchDetails[0].searchedBy.package.version ]]`
Used CPEs	[[ cpe ]] `N/A`
Suggested Version	`[[ elem.matchDetails[0].fix?.suggestedVersion ]]` `N/A`

State	[[ elem.vulnerability.fix.state ]]
Fixed Version	[[ elem.vulnerability.fix.versions[0] ]]

Base Score	Exploitability Score	Impact Score
`[[ elem.vulnerability.cvss[0].metrics.baseScore ]]`	`[[ elem.vulnerability.cvss[0].metrics?.exploitabilityScore \|\| 'N/A' ]]`	`[[ elem.vulnerability.cvss[0].metrics?.impactScore \|\| 'N/A' ]]`

Attack Vector	`Network` `Adjacent` `Local` `Physical`
Attack Complexity	`Low` `High`
Privileges Required	`None` `Low` `High`
User Interaction	`None` `Required`
Scope	`Unchanged` `Changed`
Confidentiality	`None` `Low` `High`
Integrity	`None` `Low` `High`
Availability	`None` `Low` `High`
CVSS Vector	[[ elem.vulnerability.cvss[0].vector ]]

Probability of Exploitation	`[[ (elem.vulnerability.epss[0].epss * 100).toFixed(2) ]] %`
Percentile	`[[ (elem.vulnerability.epss[0].percentile * 100).toFixed(2) ]] %`

Package Name	[[ elem.PkgName ]]
Installed Version	`[[ elem.InstalledVersion ]]`
Package URL	[[ elem.PkgIdentifier?.PURL ]]
Package UID	[[ elem.PkgIdentifier.UID ]]

State	`Fixed` `Affected` `Fix Deferred` `Will not fix` `Unknown` `Not affected` `Under Investigation` `End of Life`
Fixed Version	[[ elem.FixedVersion ]] `N/A`

GHSA	`[[ elem.CVSS?.ghsa?.V3Score ]]`	[[ elem.CVSS?.ghsa?.V3Vector ]]
NVD	`[[ elem.CVSS?.nvd?.V3Score ]]`	[[ elem.CVSS?.nvd?.V3Vector ]]
NVD	`[[ elem.CVSS?.nvd?.V2Score ]]`	[[ elem.CVSS?.nvd?.V2Vector ]]
RedHat	`[[ elem.CVSS?.redhat?.V3Score ]]`	[[ elem.CVSS?.redhat?.V3Vector ]]
RedHat	`[[ elem.CVSS?.redhat?.V2Score ]]`	[[ elem.CVSS?.redhat?.V2Vector ]]

Security Severity	`[[ elem.properties['security-severity'] ]]` `N/A`
Precision	`Very High` `High` `Medium` `Low` `N/A`
PURLs	[[ item ]] `N/A`
Tags	`[[ tag]]` `N/A`
Kind	[[ elem.properties?.kind ]] `N/A`

Physical	[[ elem.locations[0].physicalLocation?.artifactLocation?.uri ]]
Logical	[[ location.name ]] `N/A`
Message	[[ elem.locations[0].message?.text ]] `N/A`

Start Line	`[[ elem.locations[0].physicalLocation?.region?.startLine ]]`
Start Column	`[[ elem.locations[0].physicalLocation?.region?.startColumn ]]`
End Line	`[[ elem.locations[0].physicalLocation?.region?.endLine ]]`
End Column	`[[ elem.locations[0].physicalLocation?.region?.endColumn]]`
Snippet	[[ elem.locations[0].physicalLocation?.region?.snippet?.text ]] `N/A`