Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-14 12:38:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 143
fleet/server/mock
History
Michal Nicpon 9ad1721efd
fix issue with duplicate vulns detected using nvd (#8613) 
The OVAL analyzer falsely assumes that any vulnerabilities detected on a
host only come from OVAL. However, it is possible that NVD detects
vulnerabilities on these hosts even though it excludes software from
deb_packages and rpm_packages. For example, a python package twisted
v22.20 has a vulnerability CVE-2022-39348 detected by NVD. The OVAL
analyzer would delete this vulnerability, and it would be re-inserted by
the NVD scanner on the next run. This creates a loop.

The fix is to only delete vulnerabilities that are actually detected
using OVAL. We already store this in the source column in the
software_cve table.
2022-11-10 10:28:00 -07:00
..
mockresult Separate health checks for MySQL and Redis (#6468) 2022-07-01 08:08:03 -03:00
datastore.go Orbit remote management for flags (#7246) 2022-09-24 00:30:23 +05:30
datastore_installers.go adjust installers endpoint to avoid AJAX downloads (#7226) 2022-08-16 12:54:41 -03:00
datastore_mock.go fix issue with duplicate vulns detected using nvd (#8613) 2022-11-10 10:28:00 -07:00
datastore_users_helpers.go Add support for context in datastore/mysql layer (#1962) 2021-09-14 08:11:07 -04:00
errors.go Remove unneeded interfaces (#1779) 2021-08-24 18:49:56 -03:00