fleet/server/vulnerabilities/nvd
Lucas Manuel Rodriguez 7d13769de6
Fix false positive vulnerability for python on macOS (#14531)
#11923

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes (docs/Using
Fleet/manage-access.md)~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- ~[ ] Added/updated tests~
- [x] Manual QA for all new/changed functionality
  - ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-10-13 14:24:35 -03:00
..
cpe.go Handle flaky vulnerability tests (#11262) 2023-04-21 19:37:29 -04:00
cpe_matching_rule.go Fix CVE-2020-10146 false positive being detected on all Microsoft Teams versions (#13839) 2023-09-11 16:51:53 -03:00
cpe_matching_rule_test.go add CVE-2013-0340 to ignore list (#13942) 2023-09-15 16:38:33 -06:00
cpe_matching_rules.go Fix false positive vulnerability for python on macOS (#14531) 2023-10-13 14:24:35 -03:00
cpe_test.go upgrade Go version to 1.21.1 (#13877) 2023-09-13 15:59:35 -03:00
cpe_translations.go Flock vulnerability false positive (#13827) 2023-09-14 10:38:36 -06:00
cpe_translations.json Flock vulnerability false positive (#13827) 2023-09-14 10:38:36 -06:00
cve.go Fix false positive vulnerability for python on macOS (#14531) 2023-10-13 14:24:35 -03:00
cve_test.go Add version_resolved_in to software API (#13939) 2023-09-18 16:53:32 -06:00
db.go Fixes various bugs with NVD vulnerability detection (#7963) 2022-10-04 07:04:48 -04:00
indexed_cpe_item.go Fixes various bugs with NVD vulnerability detection (#7963) 2022-10-04 07:04:48 -04:00
README.md Flock vulnerability false positive (#13827) 2023-09-14 10:38:36 -06:00
sanitize.go Fixes various bugs with NVD vulnerability detection (#7963) 2022-10-04 07:04:48 -04:00
sanitize_test.go upgrade Go version to 1.21.1 (#13877) 2023-09-13 15:59:35 -03:00
sync.go Add Description text to CVE Metadata (#13856) 2023-09-15 11:24:10 -06:00
sync_test.go Add Description text to CVE Metadata (#13856) 2023-09-15 11:24:10 -06:00
testing_utils.go Fixes various bugs with NVD vulnerability detection (#7963) 2022-10-04 07:04:48 -04:00

Testing CPE Translations

To improve accuracy when mapping software to CVEs, we can add data to cpe_translations.json which will get picked up by the NVD repo.

To test these changes locally, you can:

  1. make the appropriate changes to cpe_translations.json

  2. host this file on a local web server

    ./tools/file-server 8082 ./server/vulnerabilities/nvd/cpe_translations.json
    
  3. (re)launch your local fleet server with the following --config

    vulnerabilities:
      cpe_translations_url: "http://localhost:8082/cpe_translations.json"
    
  4. trigger the vulnerabilities scan

    fleetctl trigger --name vulnerabilities