PKG-AUDIT(8)            FreeBSD System Manager's Manual           PKG-AUDIT(8)

NAME
     pkg audit - audit installed packages against known vulnerabilities

SYNOPSIS
     pkg audit [-Fqr] [-f filename] [-R[format]] [pkg-name]

     pkg audit [--{fetch,quiet,recursive}] [--file filename] [--raw[=format]]
               [pkg-name]

DESCRIPTION
     pkg audit checks installed packages for known vulnerabilities and
     generates reports including references to security advisories.  Its
     intended audience is system administrators and individual users.

     pkg audit uses a database maintained by port committers and the FreeBSD
     security team to check if security advisories for any installed packages
     exist.  Note that a current ports tree (or any local copy of the ports
     tree) is not required for operation.

     The URL that is used to fetch the database can be overridden via the
     VULNXML_SITE config variable.  See pkg.conf(5) for more information.

     If you have a vulnerable package installed, you are advised to update or
     deinstall it immediately.

     Supplying a pkg-name will audit only that package.

OPTIONS
     The following options are supported by pkg audit:

     -F, --fetch
             Fetch the database before checking.

     -f filename, --file filename
             Use filename as the local copy of the vulnerability database.  If
             used in combination with -F download the vulnerability database
             to the named filename before auditing installed ports against it.

     -q, --quiet
             Be "quiet".  Prints only the requested information without
             displaying many hints.

     -R[format], --raw[=format]
             Present the output in one of the following formats:

             •   json
             •   json-compact
             •   ucl
             •   yaml

             In case format is not provided, it defaults to ucl.

     -r, --recursive
             Prints packages that depend on vulnerable packages and are thus
             potentially vulnerable as well.

ENVIRONMENT
     The following environment variables affect the execution of pkg audit.
     See pkg.conf(5) for further description.

     PKG_DBDIR

     VULNXML_SITE

FILES
     See pkg.conf(5).

SEE ALSO
     pkg_create(3), pkg_printf(3), pkg_repos(3), pkg-keywords(5),
     pkg-lua-script(5), pkg-repository(5), pkg-script(5), pkg-triggers(5),
     pkg.conf(5), pkg(8), pkg-add(8), pkg-alias(8), pkg-annotate(8),
     pkg-autoremove(8), pkg-check(8), pkg-clean(8), pkg-config(8),
     pkg-create(8), pkg-delete(8), pkg-fetch(8), pkg-info(8), pkg-install(8),
     pkg-lock(8), pkg-query(8), pkg-register(8), pkg-repo(8), pkg-rquery(8),
     pkg-search(8), pkg-set(8), pkg-shell(8), pkg-shlib(8), pkg-ssh(8),
     pkg-stats(8), pkg-triggers(8), pkg-update(8), pkg-updating(8),
     pkg-upgrade(8), pkg-version(8), pkg-which(8)

FreeBSD 13.1-RELEASE-p6          March 1, 2022         FreeBSD 13.1-RELEASE-p6