empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-07 01:15:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4f194084af
fleet/server
History
Michal Nicpon 9ad1721efd
fix issue with duplicate vulns detected using nvd (#8613) 
The OVAL analyzer falsely assumes that any vulnerabilities detected on a
host only come from OVAL. However, it is possible that NVD detects
vulnerabilities on these hosts even though it excludes software from
deb_packages and rpm_packages. For example, a python package twisted
v22.20 has a vulnerability CVE-2022-39348 detected by NVD. The OVAL
analyzer would delete this vulnerability, and it would be re-inserted by
the NVD scanner on the next run. This creates a loop.

The fix is to only delete vulnerabilities that are actually detected
using OVAL. We already store this in the source column in the
software_cve table.
2022-11-10 10:28:00 -07:00
..
authz Add Apple MDM functionality (#7940) 2022-10-05 19:53:54 -03:00
bindata Allow users to be readded if they were ever removed (#1945) 2021-09-07 13:33:40 -03:00
config Use the same HTTP server config as the production server in tests (#8254) 2022-10-19 07:42:21 -03:00
contexts Translate the AppConfig and Team validation messages to be more user-friendly (#8171) 2022-10-12 17:10:50 -04:00
datastore fix issue with duplicate vulns detected using nvd (#8613) 2022-11-10 10:28:00 -07:00
errorstore report error analytics (#6341) 2022-06-28 16:31:14 -03:00
fleet fix issue with duplicate vulns detected using nvd (#8613) 2022-11-10 10:28:00 -07:00
health Separate health checks for MySQL and Redis (#6468) 2022-07-01 08:08:03 -03:00
launcher Upgrade osquery-go (#4728) 2022-03-23 12:15:37 -03:00
live_query Bump go to 1.19.1 (#7690) 2022-09-12 20:32:43 -03:00
logging test: use T.TempDir to create temporary test directory (#6080) 2022-06-13 10:20:38 -03:00
mail update copyright year in core product transactional email templates (#3549) 2022-01-01 12:41:32 -06:00
mdm/apple Add Apple MDM functionality (#7940) 2022-10-05 19:53:54 -03:00
mock fix issue with duplicate vulns detected using nvd (#8613) 2022-11-10 10:28:00 -07:00
policies Refactor webhooks cron to new schedule package (#7840) 2022-09-20 14:26:36 -05:00
ptr Feature 7077: Add MSRC feed parser (#7424) 2022-08-30 16:39:50 -04:00
pubsub Add display_name to more results (#8204) 2022-10-14 11:14:18 -03:00
service Exclude windows servers from mdm aggregation and lists (#8585) 2022-11-08 10:29:40 +01:00
sso Bump go to 1.19.1 (#7690) 2022-09-12 20:32:43 -03:00
test Add MDM detection for windows and mdm endpoints (#8479) 2022-11-01 18:22:07 +01:00
vulnerabilities fix issue with duplicate vulns detected using nvd (#8613) 2022-11-10 10:28:00 -07:00
webhooks Feature 7494: Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities (#7889) 2022-10-28 11:12:21 -04:00
websocket improve error handling in vulnerabilities cron (#7276) 2022-08-18 16:53:58 -03:00
worker Feature 7494: Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities (#7889) 2022-10-28 11:12:21 -04:00
utils.go Modify /server/utils to handle all 2xx codes as POST success (#3534) 2021-12-30 16:00:10 -06:00