Proposing a community maintained database of PyPI package vulnerabilities

If you would like to use the CVE database, Thoth’s resolver can automatically remove packages with vulnerabilities stated in the database - see the demo:

Currently, we are ingesting dependency data for other operating systems than Red Hat Enterprise Linux 8 and UBI 8 (with Python 3.8).

If you would like to consume recommendations for other operating systems, feel free to let us know to eventually prioritize data ingestion based on the user base.

And last but not least, thanks for the database!