Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-22 16:39:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 121
fleet/server/vulnerabilities/nvd/cpe_translations.json
Jonathan Katz d70500a6e9
Add sw_edition to cpe db generation and cpe translations (#32879) 
Fixes: #31989 
# Adding sw_edition to CPE generation and translation
This PR adds the ability to override sw_edition with cpe translations.
This adds a new column to cpe.sqlite that is generated daily.
Old versions of fleet will still work with the new cpe db and
translations.
Versions from this change forward will require the new cpe db for cpe
translations to work.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)

- [x] QA'd all new/changed functionality manually

## Backwards Compatibility
Testing with physical machines and for Firefox ESR fix
| Fleet version | cpe db | translations | vuln. soft. # | Firefox ESR
cpe | Firefox ESR vuln. # |
| ------- | ------ | ------------ | ------------- | ---------------- |
------------------- |
| Updated | old | old | 58 | `:*:macos:*:*` | 168 |
| Updated | new | new | 58 | `:esr:macos:*:*` | 92 |
| 4.71.1 | old | old | 58 | `:*:macos:*:*` | 168 |
| 4.71.1 | new | new | 58 | `:*:macos:*:*` | 168 |

Testing with osquery-perf hosts
| Fleet version | cpe db | translations | vuln. soft. # |
Vulnerabilities |
| ------- | ------ | ------------ | ------------- | --------------- |
| Updated | old    | old          | 156/161       | 3136            |
| Updated | new    | new          | 156/161       | 3136            |
| 4.71.1  | old    | old          | 156/161       | 3951            |
| 4.71.1  | new    | new          | 156/161       | 3951            |

---------

Co-authored-by: Ian Littman <iansltx@gmail.com>
2025-09-17 11:30:49 -04:00

629 lines
12 KiB
JSON
Raw Blame History

[
{
"software": {
"bundle_identifier": ["us.zoom.xos"],
"source": ["apps"]
},
"filter": {
"product": ["zoom", "meetings"],
"vendor": ["zoom"],
"target_sw": ["macos", "mac_os"]
}
},
{
"software": {
"name": ["vault"],
"source": ["homebrew_packages"]
},
"filter": {
"product": ["vault"],
"vendor": ["hashicorp"]
}
},
{
"software": {
"name": ["pass"],
"source": ["homebrew_packages"]
},
"filter": {
"product": ["simple_password_store"],
"vendor": ["simple_password_store_project"]
}
},
{
"software": {
"name": ["/^ruby(@.*)?$/"],
"source": ["homebrew_packages"]
},
"filter": {
"product": ["ruby"],
"vendor": ["ruby-lang"]
}
},
{
"software": {
"name": ["/^node(@.*)?$/"],
"source": ["homebrew_packages"]
},
"filter": {
"product": ["node.js"],
"vendor": ["nodejs"]
}
},
{
"software": {
"name": ["/1Password/"],
"source": ["apps"]
},
"filter": {
"product": ["1password"],
"vendor": ["1password"]
}
},
{
"software": {
"name": ["/Node\\.js/"],
"source": ["programs"]
},
"filter": {
"product": ["node.js"],
"vendor": ["nodejs"]
}
},
{
"software": {
"name": ["/7-Zip/"],
"source": ["programs"]
},
"filter": {
"product": ["7-zip"],
"vendor": ["7-zip"]
}
},
{
"software": {
"name": ["/^Python 3\\.\\d{1,2}/"],
"source": ["programs"]
},
"filter": {
"product": ["python"],
"vendor": ["python"]
}
},
{
"software": {
"name": ["Docs"],
"source": ["chrome_extensions"]
},
"filter": {
"skip": true
}
},
{
"software": {
"bundle_identifier": [
"/(?i)com\\.microsoft\\.(powerpoint|word|excel|onenote|outlook)/"
],
"source": ["apps"]
},
"filter": {
"skip": true
}
},
{
"software": {
"bundle_identifier": [
"/(?i)(com\\.docker\\.docker|com\\.electron\\.dockerdesktop|com\\.electron\\.docker-frontend)/"
],
"source": ["apps"]
},
"filter": {
"product": ["desktop"],
"vendor": ["docker"],
"sw_edition": [""]
}
},
{
"software": {
"name": ["jira"],
"source": ["python_packages"]
},
"filter": {
"skip": true
}
},
{
"software": {
"name": ["docker"],
"source": ["python_packages"]
},
"filter": {
"skip": true
}
},
{
"software": {
"name": ["flock"],
"source": ["homebrew_packages"]
},
"filter": {
"skip": true
}
},
{
"software": {
"name": ["Flock.app"],
"source": ["apps"]
},
"filter": {
"product": ["flock"],
"vendor": ["flock"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.intellij/"],
"source": ["apps"]
},
"filter": {
"product": ["intellij_idea"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"name": ["/^intellij-idea(-ce)?$/"],
"source": ["homebrew_packages"]
},
"filter": {
"product": ["intellij_idea"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"name": ["/^IntelliJ IDEA Community Edition/"],
"source": ["programs"]
},
"filter": {
"product": ["intellij_idea"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.pycharm/"],
"source": ["apps"]
},
"filter": {
"product": ["pycharm"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"name": ["/^pycharm(-ce)?$/"],
"source": ["homebrew_packages"]
},
"filter": {
"product": ["pycharm"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.PhpStorm/"],
"source": ["apps"]
},
"filter": {
"product": ["phpstorm"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.aqua/"],
"source": ["apps"]
},
"filter": {
"product": ["aqua"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.CLion/"],
"source": ["apps"]
},
"filter": {
"product": ["clion"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.datagrip/"],
"source": ["apps"]
},
"filter": {
"product": ["datagrip"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.dataspell/"],
"source": ["apps"]
},
"filter": {
"product": ["dataspell"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.goland/"],
"source": ["apps"]
},
"filter": {
"product": ["goland"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.rider/"],
"source": ["apps"]
},
"filter": {
"product": ["rider"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.rubymine/"],
"source": ["apps"]
},
"filter": {
"product": ["rubymine"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.rustrover/"],
"source": ["apps"]
},
"filter": {
"product": ["rustrover"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.WebStorm/"],
"source": ["apps"]
},
"filter": {
"product": ["webstorm"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.jetbrains\\.mps/"],
"source": ["apps"]
},
"filter": {
"product": ["mps"],
"vendor": ["jetbrains"]
}
},
{
"software": {
"name": ["ms-python.python"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["python_extension"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["ms-vsliveshare.vsliveshare"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["visual_studio_live_share"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["dbaeumer.vscode-eslint"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["visual_studio_code_eslint_extension"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["ms-vscode.powershell"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["powershell_extension"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["ms-vscode-remote.vscode-remote-extensionpack"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["remote_development"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["vknabel.vscode-swiftlint"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["swiftlint"],
"vendor": ["swiftlint_project"]
}
},
{
"software": {
"name": ["vknabel.vscode-swiftformat"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["swiftformat"],
"vendor": ["swiftformat_project"]
}
},
{
"software": {
"name": ["jbenden.c-cpp-flylint"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["c\\/c\\+\\+_advanced_lint"],
"vendor": ["c\\/c\\+\\+_advanced_lint_project"]
}
},
{
"software": {
"name": ["stripe.vscode-stripe"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["stripe"],
"vendor": ["stripe"]
}
},
{
"software": {
"name": ["vscodevim.vim"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["vim"],
"vendor": ["vim_project"]
}
},
{
"software": {
"name": ["svelte.svelte-vscode"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["svelte"],
"vendor": ["svelte"]
}
},
{
"software": {
"name": ["ms-vscode-remote.remote-containers"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["remote"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["ms-kubernetes-tools.vscode-kubernetes-tools"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["kubernetes_tools"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["ms-dotnettools.vscode-dotnet-sdk"],
"source": ["vscode_extensions"]
},
"filter": {
"product": [".net_education_bundle_sdk_install_tool"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["ms-dotnettools.vscode-dotnet-runtime"],
"source": ["vscode_extensions"]
},
"filter": {
"product": [".net_install_tool_for_extension_authors"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["ms-vscode-remote.remote-wsl"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["windows_subsystem_for_linux"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["mongodb.mongodb-vscode"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["mongodb"],
"vendor": ["mongodb"]
}
},
{
"software": {
"name": ["docker.docker"],
"source": ["vscode_extensions"]
},
"filter": {
"skip": true
}
},
{
"software": {
"name": ["oracle.mysql-shell-for-vs-code"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["mysql_shell"],
"vendor": ["oracle"]
}
},
{
"software": {
"name": ["snyk-security.snyk-vulnerability-scanner"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["snyk_security"],
"vendor": ["snyk"]
}
},
{
"software": {
"name": ["sourcegraph.cody-ai"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["cody"],
"vendor": ["sourcegraph"]
}
},
{
"software": {
"name": ["github.vscode-pull-request-github"],
"source": ["vscode_extensions"]
},
"filter": {
"product": ["pull_requests_and_issues"],
"vendor": ["github"]
}
},
{
"software": {
"name": ["Microsoft Edge"],
"source": ["programs", "apps"]
},
"filter": {
"product": ["edge_chromium"],
"vendor": ["microsoft"]
}
},
{
"software": {
"name": ["Steam"],
"source": ["programs"]
},
"filter": {
"skip": true
}
},
{
"software": {
"name": ["Steam.app"],
"source": ["apps"]
},
"filter": {
"skip": true
}
},
{
"software": {
"name": ["/^linux-image\\.*/"]
},
"filter": {
"product": ["linux_kernel"],
"vendor": ["linux"],
"part": "o"
}
},
{
"software": {
"name": ["git"],
"source": ["homebrew_packages"]
},
"filter": {
"product": ["git"],
"vendor": ["git"]
}
},
{
"software": {
"bundle_identifier": ["org.virtualbox.app.VirtualBox"]
},
"filter": {
"product": ["virtualbox"],
"vendor": ["oracle"]
}
},
{
"software": {
"name": ["gh"]
},
"filter": {
"product": ["cli"],
"vendor": ["github"]
}
},
{
"software": {
"bundle_identifier": ["/^com\\.googlecode\\.iterm2/"],
"source": ["apps"]
},
"filter": {
"product": ["iterm2"],
"vendor": ["iterm2"]
}
},
{
"software": {
"name": ["Firefox ESR.app"],
"source": ["apps"]
},
"filter": {
"product": ["firefox"],
"vendor": ["mozilla"],
"sw_edition": ["esr"]
}
}
]
Reference in a new issue View git blame Copy permalink