docs: add Fedora

README.md

@@ -165,7 +165,7 @@ Failures: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
 # Features
 
 - Comprehensive vulnerability detection
-  - OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
+  - OS packages (Alpine Linux, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Fedora, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
   - **Language-specific packages** (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
 - Misconfiguration detection (IaC scanning) 
   - A wide variety of built-in policies are provided **out of the box**

docs/getting-started/overview.md

@@ -22,7 +22,7 @@ See [Integrations][integrations] for details.
 ## Features
 
 - Comprehensive vulnerability detection
-    - [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
+    - [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, Fedora, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
     - [**Language-specific packages**][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, Cargo, NuGet, Maven, and Go)
 - Detect IaC misconfigurations
     - A wide variety of [built-in policies][builtin] are provided **out of the box**:

docs/vulnerability/detection/data-source.md

@@ -13,6 +13,7 @@
 |                | [Security Data][rhel-api]                |
 | AlmaLinux      | [AlmaLinux Product Errata][alma]         |
 | Rocky Linux    | [Rocky Linux UpdateInfo][rocky]          |
+| Fedora         | [Fedora UpdateInfo][fedora]              |
 | Oracle Linux   | [OVAL][oracle]                           |
 | OpenSUSE/SLES	 | [CVRF][suse]                             |
 | Photon OS      | [Photon Security Advisory][photon]       |
@@ -55,6 +56,7 @@
 [rhel-api]: https://www.redhat.com/security/data/metrics/
 [alma]: https://errata.almalinux.org/
 [rocky]: https://download.rockylinux.org/pub/rocky/
+[fedora]: https://dl.fedoraproject.org/pub/fedora/linux/updates/
 [oracle]: https://linux.oracle.com/security/oval/
 [suse]: http://ftp.suse.com/pub/projects/security/cvrf/
 [photon]: https://packages.vmware.com/photon/photon_cve_metadata/

docs/vulnerability/detection/os.md

@@ -10,6 +10,7 @@ The unfixed/unfixable vulnerabilities mean that the patch has not yet been provi
 | CentOS                           | 6, 7, 8                                  | Installed by yum/rpm          |                 YES                  |
 | AlmaLinux                        | 8                                        | Installed by yum/rpm          |                  NO                  |
 | Rocky Linux                      | 8                                        | Installed by yum/rpm          |                  NO                  |
+| Fedora                           | 32, 33, 34, 35                           | Installed by dnf/yum/rpm      |                  NO                  |
 | Oracle Linux                     | 5, 6, 7, 8                               | Installed by yum/rpm          |                  NO                  |
 | Amazon Linux                     | 1, 2                                     | Installed by yum/rpm          |                  NO                  |
 | openSUSE Leap                    | 42, 15                                   | Installed by zypper/rpm       |                  NO                  |