mirror of
https://github.com/empayre/fleet.git
synced 2024-11-07 09:18:59 +00:00
812d3c85de
- Improved NVD CPE matching process. - Fixed bug with the 'software/<id>' endpoint not showing the generated_cpe value.
12 lines
568 B
Plaintext
12 lines
568 B
Plaintext
- Changed the way we performed searches when mapping software to CPEs, by first sanitizing the vendor
|
|
and product name, and then searching for (in this order):
|
|
|
|
* The vendor and product.
|
|
* The product name only.
|
|
* Free text search on the 'title' property.
|
|
|
|
- When performing vulnerability detection using the NVD database, we now exclude software from the
|
|
'rpm' and 'deb' sources (we will be using OVAL for those).
|
|
- Fixed bug that caused duplicated vulnerabilities to be sent to third party integrations.
|
|
- Moved NVD vulnerability detection to its own directory.
|