mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
9ad1721efd
The OVAL analyzer falsely assumes that any vulnerabilities detected on a host only come from OVAL. However, it is possible that NVD detects vulnerabilities on these hosts even though it excludes software from deb_packages and rpm_packages. For example, a python package twisted v22.20 has a vulnerability CVE-2022-39348 detected by NVD. The OVAL analyzer would delete this vulnerability, and it would be re-inserted by the NVD scanner on the next run. This creates a loop. The fix is to only delete vulnerabilities that are actually detected using OVAL. We already store this in the source column in the software_cve table.
Files in this directory:

rpmvercmp_test.go
rpmvercmp.go
utils_test.go
utils.go