Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-18 14:38:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 57
fleet/server/vulnerabilities/nvd
History
Tim Lee 79b5baa297
4345 OS Vulnerabilities Backend (#16303) 
#4345 

This backend feature branch includes the following PRs:

macOS Vuln Matching:
#15837 
#15990 
#16077 

Bugs / Issues:
#16004
 #15905 
#16226 

Windows Vuln Matching
#16047 
#16049 
#16085 
#16099 

API:
#16215
2024-01-24 12:18:57 -07:00
..
sync Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
cpe.go Tightening the CPE matching to reduce false positive rate. (#15187) 2023-11-20 11:59:31 -06:00
cpe_matching_rule.go Fix CVE-2020-10146 false positive being detected on all Microsoft Teams versions (#13839) 2023-09-11 16:51:53 -03:00
cpe_matching_rule_test.go add CVE-2013-0340 to ignore list (#13942) 2023-09-15 16:38:33 -06:00
cpe_matching_rules.go Fix false positive vulnerability for python on macOS (#14531) 2023-10-13 14:24:35 -03:00
cpe_test.go UmbrellaMenu.app no longer matches Cisco Umbrella (#15262) 2023-11-21 16:29:02 -06:00
cpe_translations.go Flock vulnerability false positive (#13827) 2023-09-14 10:38:36 -06:00
cpe_translations.json Tightening the CPE matching to reduce false positive rate. (#15187) 2023-11-20 11:59:31 -06:00
cve.go 4345 OS Vulnerabilities Backend (#16303) 2024-01-24 12:18:57 -07:00
cve_test.go 4345 OS Vulnerabilities Backend (#16303) 2024-01-24 12:18:57 -07:00
db.go Updating CPE generator to use new NVD API. (#15018) 2023-11-20 16:10:00 -06:00
indexed_cpe_item.go Fixes various bugs with NVD vulnerability detection (#7963) 2022-10-04 07:04:48 -04:00
README.md Flock vulnerability false positive (#13827) 2023-09-14 10:38:36 -06:00
sanitize.go Fixes various bugs with NVD vulnerability detection (#7963) 2022-10-04 07:04:48 -04:00
sanitize_test.go upgrade Go version to 1.21.1 (#13877) 2023-09-13 15:59:35 -03:00
sync.go Use NVD API 2.0 to download CVE information (#15102) 2023-11-21 12:30:07 -06:00
sync_test.go Add Description text to CVE Metadata (#13856) 2023-09-15 11:24:10 -06:00
testing_utils.go Fixes various bugs with NVD vulnerability detection (#7963) 2022-10-04 07:04:48 -04:00

README.md

Testing CPE Translations

To improve accuracy when mapping software to CVEs, we can add data to cpe_translations.json which will get picked up by the NVD repo.

To test these changes locally, you can:

  1. make the appropriate changes to cpe_translations

  2. host this file on a local web server

    ./tools/file-server 8082 ./server/vulnerabilities/nvd/cpe_translations.json

  3. (re)launch your local fleet server with the following --config

    vulnerabilities:
cpe_translations_url: "http://localhost:8082/cpe_translations.json"

  4. trigger the vulnerabilities scan

    fleetctl trigger --name vulnerabilities