Skip to content
This repository has been archived by the owner on Sep 16, 2022. It is now read-only.

Create CVE scanner #23

Closed
vpetersson opened this issue Mar 12, 2019 · 3 comments · Fixed by #416
Closed

Create CVE scanner #23

vpetersson opened this issue Mar 12, 2019 · 3 comments · Fixed by #416

Comments

@vpetersson
Copy link
Contributor

In agent#22, we extract the list of installed packages from a device running Raspbian/Debian. The next step to assess the security state of this device is to compare the list of installed packages with a CVE database to see if there are any known vulnerabilities in any of the installed packages.
@vpetersson
Copy link
Contributor Author

I've reached out to see if we could potentially tap into Snyk for this.

@vpetersson vpetersson mentioned this issue Aug 29, 2019
Closed
This was referenced Aug 30, 2019
Closed
Merged
@rptrchv
Copy link
Contributor

rptrchv commented Sep 19, 2019

@vpetersson how this feature UI should look like?

@vpetersson
Copy link
Contributor Author

I'm thinking the UI would looks something like just a new section under the security tool and then:

  • Found vulnerability in $PACKAGE_NAME. Please consider upgrade to $VERSION_WITH_FIX. Learn more here.

(Where learn more here is a link to the CVE database)

@rptrchv rptrchv mentioned this issue Sep 20, 2019
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

23 cve scan GreatFruitOmsk/api
2 participants
@vpetersson @rptrchv