docs: add Fedora

README.md

@@ -165,7 +165,7 @@ Failures: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
 # Features
 
 - Comprehensive vulnerability detection
-  - OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
+  - OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Fedora, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
   - **Language-specific packages** (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
 - Misconfiguration detection (IaC scanning) 
   - A wide variety of built-in policies are provided **out of the box**

docs/getting-started/overview.md

@@ -22,7 +22,7 @@ See [Integrations][integrations] for details.
 ## Features
 
 - Comprehensive vulnerability detection
-    - [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
+    - [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Fedora, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
     - [**Language-specific packages**][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
 - Detect IaC misconfigurations
     - A wide variety of [built-in policies][builtin] are provided **out of the box**:

docs/vulnerability/detection/data-source.md

@@ -13,6 +13,7 @@
 |                | [Security Data][rhel-api]                |
 | AlmaLinux      | [AlmaLinux Product Errata][alma]         |
 | Rocky Linux    | [Rocky Linux UpdateInfo][rocky]          |
+| Fedora         | [Fedora UpdateInfo][fedora]              |
 | Oracle Linux   | [OVAL][oracle]                           |
 | CBL-Mariner    | [OVAL][mariner]                          |
 | OpenSUSE/SLES	 | [CVRF][suse]                             |
@@ -56,6 +57,7 @@
 [rhel-api]: https://www.redhat.com/security/data/metrics/
 [alma]: https://errata.almalinux.org/
 [rocky]: https://download.rockylinux.org/pub/rocky/
+[fedora]: https://dl.fedoraproject.org/pub/fedora/linux/updates/
 [oracle]: https://linux.oracle.com/security/oval/
 [suse]: http://ftp.suse.com/pub/projects/security/cvrf/
 [photon]: https://packages.vmware.com/photon/photon_cve_metadata/

docs/vulnerability/detection/os.md

@@ -10,6 +10,7 @@ The unfixed/unfixable vulnerabilities mean that the patch has not yet been provi
 | CentOS                           | 6, 7, 8                                  | Installed by yum/rpm          |                 YES                  |
 | AlmaLinux                        | 8                                        | Installed by yum/rpm          |                  NO                  |
 | Rocky Linux                      | 8                                        | Installed by yum/rpm          |                  NO                  |
+| Fedora                           | 32, 33, 34, 35                           | Installed by dnf/yum/rpm      |                  NO                  |
 | Oracle Linux                     | 5, 6, 7, 8                               | Installed by yum/rpm          |                  NO                  |
 | CBL-Mariner                      | 1.0, 2.0                                 | Installed by yum/rpm          |                 YES                  |
 | Amazon Linux                     | 1, 2                                     | Installed by yum/rpm          |                  NO                  |