diff --git a/Gemfile.checksum b/Gemfile.checksum
index a03b9519128939fcd17144ea472d780ecd3f831e..d8add4d17c231a0ddbae701f57ea2e13e59ac702 100644
--- a/Gemfile.checksum
+++ b/Gemfile.checksum
@@ -621,7 +621,7 @@
 {"name":"sd_notify","version":"0.1.1","platform":"ruby","checksum":"cbc7ac6caa7cedd26b30a72b5eeb6f36050dc0752df263452ea24fb5a4ad3131"},
 {"name":"seed-fu","version":"2.3.7","platform":"ruby","checksum":"f19673443e9af799b730e3d4eca6a89b39e5a36825015dffd00d02ea3365cf74"},
 {"name":"selenium-webdriver","version":"4.21.1","platform":"ruby","checksum":"c30b64014532fc5156c60797985f839f36adbe60ff4653e7112b008dc1c83263"},
-{"name":"semver_dialects","version":"3.0.2","platform":"ruby","checksum":"c1fb3c60e86416164ea7f2628655cb84686298f64f82e8951618c3dd7e8f93e3"},
+{"name":"semver_dialects","version":"3.2.0","platform":"ruby","checksum":"11559c8bd77db40be1e9312598c94c1b1b1e2129785d030a19f0db4b11f5555f"},
 {"name":"sentry-rails","version":"5.17.3","platform":"ruby","checksum":"017771c42d739c0ad2213a581ca9d005cf543227bc13662cd1ca9909f2429459"},
 {"name":"sentry-ruby","version":"5.17.3","platform":"ruby","checksum":"61791a4b0bb0f95cd87aceeaa1efa6d4ab34d64236c9d5df820478adfe2fbbfc"},
 {"name":"sentry-sidekiq","version":"5.17.3","platform":"ruby","checksum":"d0714a218999e41e38127d0c174e0ee62a32b069f92e85b544e0c2125eca2c58"},
diff --git a/Gemfile.lock b/Gemfile.lock
index ea6a0ff878a73d005a5f20b202396614a36e8e81..f821a44b9ceca71fc0f2fc7a2e4f079783345913 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1651,7 +1651,7 @@ GEM
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
-    semver_dialects (3.0.2)
+    semver_dialects (3.2.0)
       deb_version (~> 1.0.1)
       pastel (~> 0.8.0)
       thor (~> 1.3)
diff --git a/ee/app/models/package_metadata/advisory.rb b/ee/app/models/package_metadata/advisory.rb
index 25e47b6e4c9e195aa27d9a54b860ec1634eb567e..43068766e8b383797684b141be62dfaa74abfb5f 100644
--- a/ee/app/models/package_metadata/advisory.rb
+++ b/ee/app/models/package_metadata/advisory.rb
@@ -32,5 +32,13 @@ class Advisory < ApplicationRecord
     end
 
     scope :with_affected_packages, -> { includes(:affected_packages) }
+
+    def from_container_scanning?
+      source_xid == 'trivy-db'
+    end
+
+    def from_dependency_scanning?
+      source_xid == 'glad'
+    end
   end
 end
diff --git a/ee/lib/gitlab/vulnerability_scanning/advisory_scanner.rb b/ee/lib/gitlab/vulnerability_scanning/advisory_scanner.rb
index ff97e20c08cde77791dad8446f2781b57b78e012..97288bb08afd16d2ec25226ad8a79af375cbd1e2 100644
--- a/ee/lib/gitlab/vulnerability_scanning/advisory_scanner.rb
+++ b/ee/lib/gitlab/vulnerability_scanning/advisory_scanner.rb
@@ -57,12 +57,12 @@ def execute
 
       private
 
-      SUPPORTED_CONTAINER_SCANNING_PURL_TYPES = %w[deb].freeze
+      SUPPORTED_CONTAINER_SCANNING_PURL_TYPES = %w[deb rpm].freeze
 
       attr_reader :advisory, :possibly_affected_sbom_occurrences_count, :known_affected_sbom_occurrences_count
 
       def affected_packages
-        if advisory.source_xid == 'trivy-db'
+        if advisory.from_container_scanning?
           return advisory.affected_packages.filter do |affected_package|
             SUPPORTED_CONTAINER_SCANNING_PURL_TYPES.include?(affected_package.purl_type)
           end
diff --git a/ee/spec/lib/gitlab/vulnerability_scanning/advisory_scanner_spec.rb b/ee/spec/lib/gitlab/vulnerability_scanning/advisory_scanner_spec.rb
index 5a40d2be309777ac84457f57ee105980a377b89e..2f1d8bb221f17dcb7db7aa23fc5681ce3ffba911 100644
--- a/ee/spec/lib/gitlab/vulnerability_scanning/advisory_scanner_spec.rb
+++ b/ee/spec/lib/gitlab/vulnerability_scanning/advisory_scanner_spec.rb
@@ -311,8 +311,14 @@
             purl_type: 'wolfi', advisory: advisory)
         end
 
+        let(:finder) { instance_spy(::Sbom::PossiblyAffectedOccurrencesFinder) }
+
+        before do
+          allow(::Sbom::PossiblyAffectedOccurrencesFinder).to receive(:new).and_return(finder)
+        end
+
         it 'does not attempt to scan for advisory affecting package' do
-          expect { described_class.scan_projects_for(affected_package.advisory) }.not_to raise_error
+          expect(finder).to have_received(:execute_in_batches).exactly(0).times
         end
       end
     end
diff --git a/ee/spec/models/package_metadata/advisory_spec.rb b/ee/spec/models/package_metadata/advisory_spec.rb
index 84c46b52c8e633b40f2d2cadb69561e2da4e66a8..be41dabf336240e019db50a136a375c5953e7dd4 100644
--- a/ee/spec/models/package_metadata/advisory_spec.rb
+++ b/ee/spec/models/package_metadata/advisory_spec.rb
@@ -94,4 +94,36 @@
       end
     end
   end
+
+  describe '#from_container_scanning?' do
+    subject { advisory.from_container_scanning? }
+
+    context 'when source_xid is trivy-db' do
+      let(:advisory) { build(:pm_advisory, source_xid: 'trivy-db') }
+
+      it { is_expected.to be true }
+    end
+
+    context 'when source_xid is not trivy-db' do
+      let(:advisory) { build(:pm_advisory, source_xid: 'glad') }
+
+      it { is_expected.to be false }
+    end
+  end
+
+  describe '#from_dependency_scanning?' do
+    subject { advisory.from_dependency_scanning? }
+
+    context 'when source_xid is glad' do
+      let(:advisory) { build(:pm_advisory, source_xid: 'glad') }
+
+      it { is_expected.to be true }
+    end
+
+    context 'when source_xid is not glad' do
+      let(:advisory) { build(:pm_advisory, source_xid: 'trivy-db') }
+
+      it { is_expected.to be false }
+    end
+  end
 end