logo
DATABASE RESOURCES PRICING ABOUT US

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30T18:03:13

Description

Hello everyone! Great news for my open source [Scanvus](<https://github.com/leonov-av/scanvus>) project! You can now perform vulnerability checks on Linux hosts and docker images not only using the [Vulners.com API](<https://vulners.com/docs/API_wrapper/linux_audit/>), but also with the [Vulns.io VM API](<https://vulns.io/>). It's especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. I just had to do the final test. Many thanks to them for this! Alternative video link (for Russia): <https://vk.com/video-149273431_456239113> ## How can the support of these two APIs in Scanvus be useful? 1. Now there is no binding to one vendor. Choose which service and price you prefer. 2. The set of supported operating systems varies between Vulners.com and Vulns.io. If a particular Linux distribution is not supported by one vendor, it may be supported by another vendor. 3. Vulners and Vulns.io implemented vulnerability checks independently of each other. If the results differ when scanning the same host/image, then implementation errors will be clearly visible. 4. Scanvus is released under the MIT license, so you can use it as an example of working with the Vulners.com and Vulns.io APIs and use this code in your projects. ## How to use it? Basically, everything works exactly the same. You only need to specify the API you want to use in the -audit-service parameter. This can be "vulners" (default) or "vulnsio". ### Localhost To begin, I scanned my localhost. This is a completely updated Ubuntu host. Vulners and Vulns.io did not detect security bulletin vulnerabilities there. And this is correct. Vulners did not detect any vulnerabilities at all. $ python3.8 scanvus.py --audit-service vulners --assessment-type localhost /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$ /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/ | $$$$$$ | $$ /$$$$$$$| $$ \ $$ \ $$/$$/| $$ | $$| $$$$$$ \____ $$| $$ /$$__ $$| $$ | $$ \ $$$/ | $$ | $$ \____ $$ /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \ $/ | $$$$$$/ /$$$$$$$/ |_______/ \_______/ \_______/|__/ |__/ \_/ \______/ |_______/ Getting assessment target... assessment_type: localhost host: localhost Getting OS inventory data... os_name: ubuntu os_version: 20.04 package_list_len: 2899 Getting vulnerability data... Getting vulnerability report... ------------- Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages) 0 vulnerabilities were found And Vulns.io detected some vulnerabilities. $ python3.8 scanvus.py --audit-service vulnsio --assessment-type localhost /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$ /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/ | $$$$$$ | $$ /$$$$$$$| $$ \ $$ \ $$/$$/| $$ | $$| $$$$$$ \____ $$| $$ /$$__ $$| $$ | $$ \ $$$/ | $$ | $$ \____ $$ /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \ $/ | $$$$$$/ /$$$$$$$/ |_______/ \_______/ \_______/|__/ |__/ \_/ \______/ |_______/ Getting assessment target... assessment_type: localhost host: localhost Getting OS inventory data... os_name: ubuntu os_version: 20.04 package_list_len: 2899 Getting vulnerability data... Getting vulnerability report... ------------- Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages) 3 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found +---+----------+-------------+------------------+-------------------------------------------------------------------------------+ | N | Level | Bulletin | CVE | Proof | +---+----------+-------------+------------------+-------------------------------------------------------------------------------+ | 1 | Critical | no advisory | CVE-2021-21783 | apparmor-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2207 | libapparmor1-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 | | | | | CVE-2020-12390 | libapparmor1-2.13.3-7ubuntu5.1.i386 >= 0:0.0.0 | | | | | CVE-2021-3773 | chromium-codecs-ffmpeg-extra-1:85.0.4183.83-0ubuntu0.20.04.2.amd64 >= 0:0.0.0 | | | | | CVE-2022-25236 | gstreamer1.0-libav-1.16.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-24791 | libqt5webengine-data-5.12.8+dfsg-0ubuntu1.1.all >= 0:0.0.0 | | | | | CVE-2019-15232 | libqt5webengine5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 | | | | | CVE-2020-26972 | libqt5webenginecore5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 | | | | | CVE-2020-12389 | libqt5webenginewidgets5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2042 | firefox-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 | | | | | CVE-2020-13576 | firefox-locale-en-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 | | | | | CVE-2022-23852 | firefox-locale-ru-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1253 | thunderbird-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 | | | | | CVE-2021-29462 | thunderbird-gnome-support-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 | | | | | CVE-2021-30475 | thunderbird-locale-en-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 | ... Why? Because Vulners and Vulns.io work differently. Vulners only detects vulnerabilities mentioned in bulletins, while Vulns.io also shows vulnerabilities for which there are no bulletins and patches that fix the vulnerability. Such vulnerabilities are grouped by severity with "no advisory" instead of a bulletin identifier. Whether you want to see vulnerabilities that you can't fix yet is up to you. ### Linux host Next, I scanned a test upatched Debian 11 host. $ ssh-copy-id -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105 $ ssh -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105 In this case, vulnerabilities related to security bulletins were detected. And there are not many of them, so the reports can be easily analyzed manually. $ python3.8 scanvus.py --audit-service "vulners" --assessment-type "remote_ssh" --host "192.168.56.105" --user-name "vmuser" --key-path "/home/alexander/.ssh/id_rsa.pub" /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$ /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/ | $$$$$$ | $$ /$$$$$$$| $$ \ $$ \ $$/$$/| $$ | $$| $$$$$$ \____ $$| $$ /$$__ $$| $$ | $$ \ $$$/ | $$ | $$ \____ $$ /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \ $/ | $$$$$$/ /$$$$$$$/ |_______/ \_______/ \_______/|__/ |__/ \_/ \______/ |_______/ Getting assessment target... assessment_type: remote_ssh host: 192.168.56.105 user_name: vmuser key_path: /home/alexander/.ssh/id_rsa.pub Getting OS inventory data... os_name: debian os_version: 11 package_list_len: 364 Getting vulnerability data... Getting vulnerability report... ------------- Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages) 3 vulnerabilities with levels ['High', 'Medium'] were found +---+--------+-------------------------+----------------+------------------------------------------------------------+ | N | Level | Bulletin | CVE | Proof | +---+--------+-------------------------+----------------+------------------------------------------------------------+ | 1 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 | | | | | CVE-2019-19126 | libc6 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 | | | | | CVE-2019-25013 | locales 2.31-13+deb11u3 all < 2.31-13+deb11u4 | | | | | CVE-2020-10029 | libc-l10n 2.31-13+deb11u3 all < 2.31-13+deb11u4 | | | | | CVE-2020-1752 | | | | | | CVE-2020-27618 | | | | | | CVE-2020-6096 | | | | | | CVE-2021-27645 | | | | | | CVE-2021-3326 | | | | | | CVE-2021-33574 | | | | | | CVE-2021-35942 | | | | | | CVE-2021-3999 | | | | | | CVE-2022-23218 | | | | | | CVE-2022-23219 | | +---+--------+-------------------------+----------------+------------------------------------------------------------+ | 2 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 | | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2021-44758 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-41916 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-42898 | | | | | | CVE-2022-44640 | | +---+--------+-------------------------+----------------+------------------------------------------------------------+ | 3 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 | | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-3437 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-42898 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-44640 | | +---+--------+-------------------------+----------------+------------------------------------------------------------+ $ python3.8 scanvus.py --audit-service "vulnsio" --assessment-type "remote_ssh" --host "192.168.56.105" --user-name "vmuser" --key-path "/home/alexander/.ssh/id_rsa.pub" /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$ /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/ | $$$$$$ | $$ /$$$$$$$| $$ \ $$ \ $$/$$/| $$ | $$| $$$$$$ \____ $$| $$ /$$__ $$| $$ | $$ \ $$$/ | $$ | $$ \____ $$ /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \ $/ | $$$$$$/ /$$$$$$$/ |_______/ \_______/ \_______/|__/ |__/ \_/ \______/ |_______/ Getting assessment target... assessment_type: remote_ssh host: 192.168.56.105 user_name: vmuser key_path: /home/alexander/.ssh/id_rsa.pub Getting OS inventory data... os_name: debian os_version: 11 package_list_len: 364 Getting vulnerability data... Getting vulnerability report... ------------- Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages) 7 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found +---+----------+-------------+------------------+----------------------------------------------------------------+ | N | Level | Bulletin | CVE | Proof | +---+----------+-------------+------------------+----------------------------------------------------------------+ | 1 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u4 | +---+----------+-------------+------------------+----------------------------------------------------------------+ | 2 | Critical | no advisory | CVE-2022-23303 | apparmor-2.13.6-10.amd64 >= 0:0.0.0 | | | | | CVE-2021-45952 | libapparmor1-2.13.6-10.amd64 >= 0:0.0.0 | | | | | CVE-2022-3491 | bluetooth-5.55-3.1.all >= 0:0.0.0 | | | | | CVE-2020-27619 | bluez-5.55-3.1.amd64 >= 0:0.0.0 | | | | | CVE-2021-43400 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 | | | | | CVE-2021-29921 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 | | | | | CVE-2022-37454 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 | | | | | CVE-2019-1010022 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2005-2541 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 | | | | | CVE-2021-45957 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2022-46908 | locales-2.31-13+deb11u3.all >= 0:0.0.0 | | | | | CVE-2021-42377 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 | | | | | CVE-2021-46848 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 | | | | | CVE-2022-23304 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2019-8457 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2210 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2042 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1586 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 | | | | | CVE-2021-45954 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 | | | | | CVE-2022-1587 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 | | | | | CVE-2021-45953 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 | | | | | CVE-2016-1585 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-45955 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-45956 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 | | | | | CVE-2021-45951 | | | | | | CVE-2015-20107 | | | | | | CVE-2022-2207 | | | | | | CVE-2022-0318 | | | | | | CVE-2022-1927 | | +---+----------+-------------+------------------+----------------------------------------------------------------+ | 3 | High | DSA-5207-1 | CVE-2022-26373 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 < 0:5.10.136-1 | | | | | CVE-2022-2585 | | | | | | CVE-2022-23816 | | | | | | CVE-2022-2588 | | | | | | CVE-2022-29901 | | | | | | CVE-2022-36946 | | | | | | CVE-2022-2586 | | | | | | CVE-2022-29900 | | | | | | CVE-2022-36879 | | +---+----------+-------------+------------------+----------------------------------------------------------------+ | 4 | High | DSA-5235-1 | CVE-2022-3080 | bind9-dnsutils-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 | | | | | CVE-2022-38177 | bind9-host-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 | | | | | CVE-2022-2795 | bind9-libs-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 | | | | | CVE-2022-38178 | | +---+----------+-------------+------------------+----------------------------------------------------------------+ | 5 | High | no advisory | CVE-2022-1616 | bash-completion-1:2.11-2.all >= 0:0.0.0 | | | | | CVE-2022-31782 | bluetooth-5.55-3.1.all >= 0:0.0.0 | | | | | CVE-2022-0361 | bluez-5.55-3.1.amd64 >= 0:0.0.0 | | | | | CVE-2020-15778 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 | | | | | CVE-2022-3534 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 | | | | | CVE-2021-28831 | cpio-2.13+dfsg-4.amd64 >= 0:0.0.0 | | | | | CVE-2022-43680 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-43551 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-0629 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-2284 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2021-4173 | libss2-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-0729 | logsave-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2021-3999 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2022-2206 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2021-3903 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2022-1733 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2022-1851 | iptables-1.8.7-1.amd64 >= 0:0.0.0 | | | | | CVE-2019-19378 | libip4tc2-1.8.7-1.amd64 >= 0:0.0.0 | | | | | CVE-2016-9918 | libip6tc2-1.8.7-1.amd64 >= 0:0.0.0 | | | | | CVE-2021-42385 | libxtables12-1.8.7-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2581 | krb5-locales-1.18.3-6+deb11u1.all >= 0:0.0.0 | | | | | CVE-2021-42384 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-42919 | libkrb5-3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-3973 | libkrb5support0-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2129 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 | | | | | CVE-2021-4136 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2017-15131 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 | | | | | CVE-2022-3176 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2022-2344 | locales-2.31-13+deb11u3.all >= 0:0.0.0 | | | | | CVE-2021-3697 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 | | | | | CVE-2017-7246 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u5 | | | | | CVE-2020-26560 | libfreetype6-2.10.4+dfsg-1+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2020-26559 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 | | | | | CVE-2021-39686 | libjansson4-2.13.1-1.1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1247 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-42382 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 | | | | | CVE-2017-17740 | libncurses6-6.2+20201114-2.amd64 >= 0:0.0.0 | | | | | CVE-2020-36325 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-2257 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-1154 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 | | | | | CVE-2022-0392 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-3297 | ncurses-term-6.2+20201114-2.all >= 0:0.0.0 | | | | | CVE-2021-4192 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 | | | | | CVE-2022-2287 | libperl5.32-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 | | | | | CVE-2022-0408 | perl-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 | | | | | CVE-2022-2571 | perl-base-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 | | | | | CVE-2022-0393 | perl-modules-5.32-5.32.1-4+deb11u2.all >= 0:0.0.0 | | | | | CVE-2022-1619 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2017-7245 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2345 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1886 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2021-4204 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-0943 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2264 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-0359 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 | | | | | CVE-2022-0572 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-0391 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 | | | | | CVE-2017-11164 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-0413 | login-1:4.8.1-1.amd64 >= 0:0.0.0 | | | | | CVE-2021-3974 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1769 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-42378 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-0554 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2175 | python3-httplib2-0.18.1-3.all >= 0:0.0.0 | | | | | CVE-2022-0685 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 | | | | | CVE-2022-1621 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-36690 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2019-1010023 | xdg-user-dirs-0.17-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-2946 | | | | | | CVE-2018-20796 | | | | | | CVE-2021-38185 | | | | | | CVE-2018-6829 | | | | | | CVE-2022-3424 | | | | | | CVE-2021-21240 | | | | | | CVE-2022-1735 | | | | | | CVE-2022-0204 | | | | | | CVE-2019-9192 | | | | | | CVE-2016-9917 | | | | | | CVE-2022-2849 | | | | | | CVE-2022-2304 | | | | | | CVE-2022-0407 | | | | | | CVE-2021-3737 | | | | | | CVE-2022-2602 | | | | | | CVE-2022-1898 | | | | | | CVE-2022-2845 | | | | | | CVE-2022-0417 | | | | | | CVE-2022-1882 | | | | | | CVE-2013-7445 | | | | | | CVE-2019-20838 | | | | | | CVE-2021-42386 | | | | | | CVE-2022-2289 | | | | | | CVE-2022-1304 | | | | | | CVE-2022-2889 | | | | | | CVE-2022-1629 | | | | | | CVE-2021-41617 | | | | | | CVE-2022-2183 | | | | | | CVE-2022-0351 | | | | | | CVE-2020-11725 | | | | | | CVE-2021-4166 | | | | | | CVE-2022-2817 | | | | | | CVE-2020-26557 | | | | | | CVE-2022-29458 | | | | | | CVE-2021-3968 | | | | | | CVE-2022-25265 | | | | | | CVE-2019-19070 | | | | | | CVE-2021-4037 | | | | | | CVE-2019-12456 | | | | | | CVE-2019-19882 | | | | | | CVE-2021-33560 | | | | | | CVE-2022-2522 | | | | | | CVE-2022-2182 | | | | | | CVE-2012-2663 | | | | | | CVE-2022-1796 | | | | | | CVE-2022-2862 | | | | | | CVE-2022-2286 | | | | | | CVE-2020-16156 | | | | | | CVE-2022-1942 | | | | | | CVE-2022-1679 | | | | | | CVE-2021-26934 | | | | | | CVE-2018-1000500 | | | | | | CVE-2008-4609 | | | | | | CVE-2019-19449 | | | | | | CVE-2021-42381 | | | | | | CVE-2022-0368 | | | | | | CVE-2022-1720 | | | | | | CVE-2022-2125 | | | | | | CVE-2021-3847 | | | | | | CVE-2022-4139 | | | | | | CVE-2022-4378 | | | | | | CVE-2022-1620 | | | | | | CVE-2021-3872 | | | | | | CVE-2022-2126 | | | | | | CVE-2022-0934 | | | | | | CVE-2021-3928 | | | | | | CVE-2022-2000 | | | | | | CVE-2021-42383 | | | | | | CVE-2022-2816 | | | | | | CVE-2021-3984 | | | | | | CVE-2019-19814 | | | | | | CVE-2022-28733 | | | | | | CVE-2021-3927 | | | | | | CVE-2020-12362 | | | | | | CVE-2018-5709 | | | | | | CVE-2011-4116 | | | | | | CVE-2022-35737 | | | | | | CVE-2022-30065 | | | | | | CVE-2022-28734 | | | | | | CVE-2018-7738 | | | | | | CVE-2021-4187 | | | | | | CVE-2021-4069 | | | | | | CVE-2016-2568 | | | | | | CVE-2022-2343 | | | | | | CVE-2021-32078 | | | | | | CVE-2021-28861 | | | | | | CVE-2021-42380 | | | | | | CVE-2022-2819 | | | | | | CVE-2022-1785 | | | | | | CVE-2021-3864 | | | | | | CVE-2022-0443 | | | | | | CVE-2022-2124 | | | | | | CVE-2021-4019 | | | | | | CVE-2022-1968 | | | | | | CVE-2022-28391 | | | | | | CVE-2022-0500 | | | | | | CVE-2022-3775 | | | | | | CVE-2022-1897 | | | | | | CVE-2022-0261 | | | | | | CVE-2021-42379 | | | | | | CVE-2022-2285 | | +---+----------+-------------+------------------+----------------------------------------------------------------+ | 6 | Medium | DSA-5251-1 | CVE-2022-2929 | isc-dhcp-client-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 | | | | | CVE-2022-2928 | isc-dhcp-common-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 | +---+----------+-------------+------------------+----------------------------------------------------------------+ | 7 | Medium | no advisory | CVE-2019-12380 | avahi-autoipd-0.8-5.amd64 < 0:0.8-5+deb11u1 | | | | | CVE-2021-42376 | bash-5.1-2+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2019-16234 | bluetooth-5.55-3.1.all >= 0:0.0.0 | | | | | CVE-2022-3586 | bluez-5.55-3.1.amd64 >= 0:0.0.0 | | | | | CVE-2008-5367 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1674 | bsdextrautils-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-31879 | bsdutils-1:2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2018-15919 | eject-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1771 | fdisk-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2020-36516 | libblkid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1280 | libfdisk1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-3669 | libmount1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2010-5321 | libsmartcols1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2007-6755 | libuuid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2020-15719 | mount-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-42374 | util-linux-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-28736 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 | | | | | CVE-2016-9804 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 | | | | | CVE-2021-42375 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2021-3696 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2018-17977 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2022-0156 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 | | | | | CVE-2022-3542 | initramfs-tools-0.140.all >= 0:0.0.0 | | | | | CVE-2016-9799 | initramfs-tools-core-0.140.all >= 0:0.0.0 | | | | | CVE-2011-3389 | krb5-locales-1.18.3-6+deb11u1.all < 0:1.18.3-6+deb11u3 | | | | | CVE-2020-26555 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 | | | | | CVE-2019-16229 | libk5crypto3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 | | | | | CVE-2020-24504 | libkrb5-3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 | | | | | CVE-2017-16231 | libkrb5support0-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 | | | | | CVE-2021-4193 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 | | | | | CVE-2022-2874 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2012-4542 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 | | | | | CVE-2022-3715 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2013-4235 | locales-2.31-13+deb11u3.all >= 0:0.0.0 | | | | | CVE-2016-9798 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 | | | | | CVE-2020-0347 | libexpat1-2.2.10-2+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2021-22923 | libglib2.0-0-2.66.8-1.amd64 >= 0:0.0.0 | | | | | CVE-2017-14159 | libglib2.0-data-2.66.8-1.all >= 0:0.0.0 | | | | | CVE-2021-3468 | libgnutls30-3.7.1-5+deb11u2.amd64 >= 0:0.0.0 | | | | | CVE-2008-5366 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2012-0039 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 | | | | | CVE-2020-14145 | libnss-systemd-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2017-18018 | libpam-systemd-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2022-4415 | libsystemd0-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2021-44879 | libudev1-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2021-3502 | systemd-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2022-4095 | systemd-sysv-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2022-1420 | systemd-timesyncd-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2016-3709 | udev-247.3-7.amd64 >= 0:0.0.0 | | | | | CVE-2019-15794 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 | | | | | CVE-2022-0213 | libpng16-16-1.6.37-3.amd64 >= 0:0.0.0 | | | | | CVE-2022-42328 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-42329 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-42898 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2015-3276 | libprotobuf-c1-1.3.3-1+b2.amd64 >= 0:0.0.0 | | | | | CVE-2011-4917 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2010-4756 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2021-4189 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2019-16233 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2231 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 | | | | | CVE-2021-4214 | libssl1.1-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2014-9892 | openssl-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 | | | | | CVE-2008-4677 | libxml2-2.9.10+dfsg-6.7+deb11u2.amd64 >= 0:0.0.0 | | | | | CVE-2008-4996 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 | | | | | CVE-2020-12364 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2598 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 | | | | | CVE-2017-1000382 | login-1:4.8.1-1.amd64 >= 0:0.0.0 | | | | | CVE-2021-3426 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 | | | | | CVE-2010-0928 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-2097 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2017-13084 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2008-5135 | os-prober-1.79.amd64 >= 0:0.0.0 | | | | | CVE-2016-9803 | ppp-2.4.9-1+1.amd64 >= 0:0.0.0 | | | | | CVE-2015-3243 | rsyslog-8.2102.0-2+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2017-0630 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 | | | | | CVE-2007-2768 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2021-45941 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2016-10723 | wget-1.21-1+deb11u1.amd64 >= 0:0.0.0 | | | | | CVE-2022-3857 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 | | | | | CVE-2021-3658 | | | | | | CVE-2020-26142 | | | | | | CVE-2022-2208 | | | | | | CVE-2022-2873 | | | | | | CVE-2021-45346 | | | | | | CVE-2022-4662 | | | | | | CVE-2022-0714 | | | | | | CVE-2021-4023 | | | | | | CVE-2007-5686 | | | | | | CVE-2019-6129 | | | | | | CVE-2022-3061 | | | | | | CVE-2022-0171 | | | | | | CVE-2020-12363 | | | | | | CVE-2022-33070 | | | | | | CVE-2017-13694 | | | | | | CVE-2021-3714 | | | | | | CVE-2022-1184 | | | | | | CVE-2020-26143 | | | | | | CVE-2019-1010025 | | | | | | CVE-2020-13529 | | | | | | CVE-2019-16089 | | | | | | CVE-2022-0563 | | | | | | CVE-2019-15213 | | | | | | CVE-2019-12379 | | | | | | CVE-2014-9900 | | | | | | CVE-2022-2923 | | | | | | CVE-2019-5062 | | | | | | CVE-2021-30004 | | | | | | CVE-2016-9797 | | | | | | CVE-2016-9801 | | | | | | CVE-2017-13693 | | | | | | CVE-2007-2243 | | | | | | CVE-2019-6110 | | | | | | CVE-2022-0696 | | | | | | CVE-2019-12381 | | | | | | CVE-2021-4115 | | | | | | CVE-2019-16231 | | | | | | CVE-2019-12382 | | | | | | CVE-2022-3344 | | | | | | CVE-2020-14304 | | | | | | CVE-2022-23825 | | | | | | CVE-2019-12455 | | | | | | CVE-2004-0230 | | | | | | CVE-2022-3707 | | | | | | CVE-2019-16230 | | | | | | CVE-2019-1010024 | | | | | | CVE-2020-26140 | | | | | | CVE-2016-20012 | | | | | | CVE-2021-22922 | | | | | | CVE-2021-3759 | | | | | | CVE-2022-0480 | | | | | | CVE-2011-4916 | | | | | | CVE-2005-3660 | | | | | | CVE-2010-4563 | | | | | | CVE-2016-8660 | | | | | | CVE-2008-3234 | | | | | | CVE-2013-0340 | | | | | | CVE-2019-20794 | | | | | | CVE-2016-2781 | | | | | | CVE-2019-16232 | | | | | | CVE-2021-33061 | | | | | | CVE-2022-3628 | | | | | | CVE-2018-12928 | | | | | | CVE-2022-28735 | | | | | | CVE-2018-1121 | | | | | | CVE-2022-1462 | | | | | | CVE-2022-43552 | | | | | | CVE-2016-9800 | | | | | | CVE-2019-12378 | | | | | | CVE-2021-4149 | | | | | | CVE-2011-4915 | | | | | | CVE-2020-15802 | | | | | | CVE-2021-45940 | | | | | | CVE-2022-2153 | | | | | | CVE-2022-4543 | | | | | | CVE-2021-41229 | | | | | | CVE-2008-2544 | | | | | | CVE-2016-9802 | | | | | | CVE-2022-3606 | | | | | | CVE-2022-0400 | | | | | | CVE-2022-0319 | | | | | | CVE-2022-21505 | | | | | | CVE-2021-3733 | | | | | | CVE-2021-42373 | | | | | | CVE-2021-3695 | | +---+----------+-------------+------------------+----------------------------------------------------------------+ And we can see that the APIs returned different detection results for the DSA/DLA bulletins. The intersection of the sets is empty. **Vulners ∖ VulnsIO:** 3 {'DLA-3206-1', 'DSA-5287-1', 'DLA-3152-1'} **Vulners ∩ VulnsIO:** 0 set() **VulnsIO ∖ Vulners:** 4 {'DSA-5207-1', 'DSA-5235-1', 'DSA-5236-1', 'DSA-5251-1'} At the same time, proofs look convincing at first glance. In this episode, I won't go into why there is such a difference in Debian vulnerability detection results. Perhaps the answer is in the operation of the API, and perhaps in the collection of data from the host. I think we will solve this with colleagues from Vulners and Vulns.io. I'm just pointing out again that vulnerability detection is not that easy and it's good when you can use several independent detection engines and compare the results. ### Docker image Next, I check the vulnerabilities for the Docker image. It is also based on Debian 11. $ python3.8 scanvus.py --audit-service vulners --assessment-type "docker_image" --docker-image "python:3.9.6-slim-bullseye" /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$ /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/ | $$$$$$ | $$ /$$$$$$$| $$ \ $$ \ $$/$$/| $$ | $$| $$$$$$ \____ $$| $$ /$$__ $$| $$ | $$ \ $$$/ | $$ | $$ \____ $$ /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \ $/ | $$$$$$/ /$$$$$$$/ |_______/ \_______/ \_______/|__/ |__/ \_/ \______/ |_______/ Getting assessment target... assessment_type: docker_image docker_image: python:3.9.6-slim-bullseye Getting OS inventory data... os_name: debian os_version: 11 package_list_len: 105 Getting vulnerability data... Getting vulnerability report... ------------- Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages) 22 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found +----+----------+-------------------------+----------------+----------------------------------------------------+ | N | Level | Bulletin | CVE | Proof | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 1 | Critical | DEBIAN:DLA-2904-1:6B1FD | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 | | | | | CVE-2021-46143 | | | | | | CVE-2022-22822 | | | | | | CVE-2022-22823 | | | | | | CVE-2022-22824 | | | | | | CVE-2022-22825 | | | | | | CVE-2022-22826 | | | | | | CVE-2022-22827 | | | | | | CVE-2022-23852 | | | | | | CVE-2022-23990 | | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 2 | Critical | DEBIAN:DLA-3008-1:E2717 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 | | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 3 | Critical | DEBIAN:DSA-5073-1:5DBA9 | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 | | | | | CVE-2021-46143 | | | | | | CVE-2022-22822 | | | | | | CVE-2022-22823 | | | | | | CVE-2022-22824 | | | | | | CVE-2022-22825 | | | | | | CVE-2022-22826 | | | | | | CVE-2022-22827 | | | | | | CVE-2022-23852 | | | | | | CVE-2022-23990 | | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 4 | Critical | DEBIAN:DSA-5139-1:0E208 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 | | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 5 | Critical | DEBIAN:DSA-5169-1:87483 | CVE-2022-2068 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 | | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 6 | High | DEBIAN:DLA-2935-1:EEAAD | CVE-2022-23852 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 | | | | | CVE-2022-25235 | | | | | | CVE-2022-25236 | | | | | | CVE-2022-25313 | | | | | | CVE-2022-25315 | | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 7 | High | DEBIAN:DLA-3022-1:26EFE | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 8 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13 amd64 < 2.31-13+deb11u3 | | | | | CVE-2019-19126 | libc6 2.31-13 amd64 < 2.31-13+deb11u3 | | | | | CVE-2019-25013 | | | | | | CVE-2020-10029 | | | | | | CVE-2020-1752 | | | | | | CVE-2020-27618 | | | | | | CVE-2020-6096 | | | | | | CVE-2021-27645 | | | | | | CVE-2021-3326 | | | | | | CVE-2021-33574 | | | | | | CVE-2021-35942 | | | | | | CVE-2021-3999 | | | | | | CVE-2022-23218 | | | | | | CVE-2022-23219 | | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 9 | High | DEBIAN:DSA-4963-1:90BFC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 10 | High | DEBIAN:DSA-4963-1:DA7BC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 11 | High | DEBIAN:DSA-5085-1:EC5E7 | CVE-2022-25235 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u2 | | | | | CVE-2022-25236 | | | | | | CVE-2022-25313 | | | | | | CVE-2022-25314 | | | | | | CVE-2022-25315 | | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 12 | High | DEBIAN:DSA-5085-2:292DA | CVE-2022-25236 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u3 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 14 | Medium | DEBIAN:DLA-2766-1:9EFDC | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 15 | Medium | DEBIAN:DLA-2771-1:D1964 | CVE-2018-20217 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 | | | | | CVE-2018-5729 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 | | | | | CVE-2018-5730 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u1 | | | | | CVE-2021-37750 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u1 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 16 | Medium | DEBIAN:DLA-2774-1:D8CE0 | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 17 | Medium | DEBIAN:DLA-2952-1:7651B | CVE-2019-1551 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 | | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 18 | Medium | DEBIAN:DLA-2953-1:551CB | CVE-2022-0778 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 | | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 19 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2021-44758 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-41916 | | | | | | CVE-2022-42898 | | | | | | CVE-2022-44640 | | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 20 | Medium | DEBIAN:DSA-5103-1:C47DD | CVE-2021-4160 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 | | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 21 | Medium | DEBIAN:DSA-5174-1:32717 | CVE-2022-34903 | gpgv 2.2.27-2 amd64 < 2.2.27-2+deb11u2 | +----+----------+-------------------------+----------------+----------------------------------------------------+ | 22 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-3437 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 | | | | | CVE-2022-42898 | | | | | | CVE-2022-44640 | | +----+----------+-------------------------+----------------+----------------------------------------------------+ $ python3.8 scanvus.py --audit-service vulnsio --assessment-type "docker_image" --docker-image "python:3.9.6-slim-bullseye" /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$ /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/ | $$$$$$ | $$ /$$$$$$$| $$ \ $$ \ $$/$$/| $$ | $$| $$$$$$ \____ $$| $$ /$$__ $$| $$ | $$ \ $$$/ | $$ | $$ \____ $$ /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \ $/ | $$$$$$/ /$$$$$$$/ |_______/ \_______/ \_______/|__/ |__/ \_/ \______/ |_______/ Getting assessment target... assessment_type: docker_image docker_image: python:3.9.6-slim-bullseye Getting OS inventory data... os_name: debian os_version: 11 package_list_len: 105 Getting vulnerability data... Getting vulnerability report... ------------- Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages) 19 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found +----+----------+-------------+------------------+--------------------------------------------------------+ | N | Level | Bulletin | CVE | Proof | +----+----------+-------------+------------------+--------------------------------------------------------+ | 1 | Critical | DSA-4963-1 | CVE-2021-3711 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 | | | | | CVE-2021-3712 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 2 | Critical | DSA-5073-1 | CVE-2022-23852 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u1 | | | | | CVE-2022-23990 | | | | | | CVE-2021-46143 | | | | | | CVE-2022-22824 | | | | | | CVE-2022-22827 | | | | | | CVE-2021-45960 | | | | | | CVE-2022-22822 | | | | | | CVE-2022-22825 | | | | | | CVE-2022-22823 | | | | | | CVE-2022-22826 | | +----+----------+-------------+------------------+--------------------------------------------------------+ | 3 | Critical | DSA-5085-1 | CVE-2022-25236 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u2 | | | | | CVE-2022-25314 | | | | | | CVE-2022-25235 | | | | | | CVE-2022-25315 | | | | | | CVE-2022-25313 | | +----+----------+-------------+------------------+--------------------------------------------------------+ | 4 | Critical | DSA-5139-1 | CVE-2022-1292 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 | | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 6 | Critical | DSA-5169-1 | CVE-2022-2068 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 | | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 7 | Critical | DSA-5218-1 | CVE-2022-37434 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u2 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 8 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u4 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 9 | Critical | no advisory | CVE-2022-23218 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 | | | | | CVE-2022-46908 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 | | | | | CVE-2019-1010022 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 | | | | | CVE-2022-23219 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 | | | | | CVE-2019-8457 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 | | | | | CVE-2021-33574 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 | | | | | CVE-2005-2541 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 | | | | | CVE-2022-1587 | | | | | | CVE-2022-1586 | | | | | | CVE-2021-46848 | | +----+----------+-------------+------------------+--------------------------------------------------------+ | 10 | High | DSA-5103-1 | CVE-2022-0778 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 | | | | | CVE-2021-4160 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 11 | High | DSA-5111-1 | CVE-2018-25032 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u1 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 12 | High | DSA-5122-1 | CVE-2022-1271 | gzip-1.10-4.amd64 < 0:1.10-4+deb11u1 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 13 | High | DSA-5123-1 | CVE-2022-1271 | liblzma5-5.2.5-2.amd64 < 0:5.2.5-2.1~deb11u1 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 14 | High | DSA-5200-1 | CVE-2021-46828 | libtirpc-common-1.3.1-1.all < 0:1.3.1-1+deb11u1 | | | | | | libtirpc3-1.3.1-1.amd64 < 0:1.3.1-1+deb11u1 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 15 | High | DSA-5203-1 | CVE-2022-2509 | libgnutls30-3.7.1-5.amd64 < 0:3.7.1-5+deb11u2 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 16 | High | no advisory | CVE-2022-29458 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2018-6829 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2021-43618 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2019-20838 | libss2-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2021-36690 | logsave-1.46.2-2.amd64 >= 0:0.0.0 | | | | | CVE-2019-19882 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 | | | | | CVE-2011-4116 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 | | | | | CVE-2022-1304 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u5 | | | | | CVE-2017-7246 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 | | | | | CVE-2018-20796 | libgmp10-2:6.2.1+dfsg-1.amd64 < 2:6.2.1+dfsg-1+deb11u1 | | | | | CVE-2019-1010023 | libgssapi-krb5-2-1.18.3-6.amd64 >= 0:0.0.0 | | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6.amd64 >= 0:0.0.0 | | | | | CVE-2020-16156 | libkrb5-3-1.18.3-6.amd64 >= 0:0.0.0 | | | | | CVE-2022-43680 | libkrb5support0-1.18.3-6.amd64 >= 0:0.0.0 | | | | | CVE-2018-5709 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 | | | | | CVE-2019-9192 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 | | | | | CVE-2021-3999 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 | | | | | CVE-2017-7245 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 | | | | | CVE-2017-11164 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 | | | | | CVE-2022-35737 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 | | | | | CVE-2021-43396 | login-1:4.8.1-1.amd64 >= 0:0.0.0 | | | | | CVE-2021-33560 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 | | | | | | perl-base-5.32.1-4+deb11u1.amd64 >= 0:0.0.0 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 17 | Medium | DSA-5055-1 | CVE-2021-3996 | bsdutils-1:2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 | | | | | CVE-2021-3995 | libblkid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 | | | | | | libmount1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 | | | | | | libsmartcols1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 | | | | | | libuuid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 | | | | | | mount-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 | | | | | | util-linux-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 18 | Medium | DSA-5174-1 | CVE-2022-34903 | gpgv-2.2.27-2.amd64 < 0:2.2.27-2+deb11u2 | +----+----------+-------------+------------------+--------------------------------------------------------+ | 19 | Medium | no advisory | CVE-2022-2097 | bash-5.1-2+b3.amd64 >= 0:0.0.0 | | | | | CVE-2013-4235 | bsdutils-1:2.36.1-8.amd64 >= 0:0.0.0 | | | | | CVE-2019-1010024 | libblkid1-2.36.1-8.amd64 >= 0:0.0.0 | | | | | CVE-2010-0928 | libmount1-2.36.1-8.amd64 >= 0:0.0.0 | | | | | CVE-2021-4209 | libsmartcols1-2.36.1-8.amd64 >= 0:0.0.0 | | | | | CVE-2016-2781 | libuuid1-2.36.1-8.amd64 >= 0:0.0.0 | | | | | CVE-2017-16231 | mount-2.36.1-8.amd64 >= 0:0.0.0 | | | | | CVE-2022-42898 | util-linux-2.36.1-8.amd64 >= 0:0.0.0 | | | | | CVE-2017-18018 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 | | | | | CVE-2021-45346 | libc-bin-2.31-13.amd64 >= 0:0.0.0 | | | | | CVE-2021-37750 | libc6-2.31-13.amd64 >= 0:0.0.0 | | | | | CVE-2007-6755 | libexpat1-2.2.10-2.amd64 >= 0:0.0.0 | | | | | CVE-2010-4756 | libgnutls30-3.7.1-5.amd64 >= 0:0.0.0 | | | | | CVE-2013-0340 | libgssapi-krb5-2-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 | | | | | CVE-2021-3997 | libk5crypto3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 | | | | | CVE-2011-3389 | libkrb5-3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 | | | | | CVE-2022-3715 | libkrb5support0-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 | | | | | CVE-2022-0563 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 | | | | | CVE-2020-13529 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 | | | | | CVE-2022-4415 | libssl1.1-1.1.1k-1.amd64 >= 0:0.0.0 | | | | | CVE-2019-1010025 | openssl-1.1.1k-1.amd64 >= 0:0.0.0 | | | | | CVE-2007-5686 | libsystemd0-247.3-6.amd64 < 0:247.3-7 | | | | | | libudev1-247.3-6.amd64 < 0:247.3-7 | | | | | | login-1:4.8.1-1.amd64 >= 0:0.0.0 | | | | | | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 | +----+----------+-------------+------------------+--------------------------------------------------------+ In this case, more vulnerabilities were detected. We can also see a big difference in the results, but there is already some intersection of the sets. **Vulners ∖ VulnsIO:** 13 {'DSA-5287-1', 'DLA-2771-1', 'DLA-2904-1', 'DLA-3022-1', 'DLA-3206-1', 'DLA-2766-1', 'DLA-2935-1', 'DLA-2774-1', 'DLA-3008-1', 'DLA-3152-1', 'DLA-2953-1', 'DSA-5085-2', 'DLA-2952-1'} **Vulners ∩ VulnsIO:** 8 {'DSA-5147-1', 'DSA-5073-1', 'DSA-5174-1', 'DSA-4963-1', 'DSA-5169-1', 'DSA-5139-1', 'DSA-5085-1', 'DSA-5103-1'} **VulnsIO ∖ Vulners:** 8 {'DSA-5111-1', 'DSA-5055-1', 'DSA-5123-1', 'DSA-5122-1', 'DSA-5236-1', 'DSA-5203-1', 'DSA-5218-1', 'DSA-5200-1'} We can look at one bulletin that was detected by two APIs. Vulners: | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 | Vulns.io: | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 | As you can see from the proofs, the detection criteria are the same. And this is good. I would also like to draw attention to the different values of the criticality level for the bulletin. [Debian does not provide](<https://www.debian.org/security/2022/dsa-5147>) a this criticality level, apparently it is calculated by the vendors based on CVSS, but in different ways. ## What's next? As we can see, support for the Vulners.com and Vulns.io APIs in Scanvus opens up new opportunities for testing the correctness of the detection for all supported Linux distributions. Currently, support for the Vulners.com API and support for the Vulns.io API are implemented equally, but they are implemented independently. The bash inventory scripts for each of the APIs are different. Two independent reporting functions are also used. It seems right to **unify the inventory script** so that the same inventory results can be checked with Vulners.com and Vulns.io. It also seems right to create a **single format for presenting detection results** and convert raw results from APIs into this format. This format could be used for reporting and further integrations. In this way, it will be possible to debug the scheme for adding new APIs to Scanvus.


Related


thn
info

14 New Security Flaws Found in BusyBox Linux Utility for Embedded Devices

2021-11-10T08:08:00
fedora
unix

[SECURITY] Fedora 33 Update: busybox-1.34.1-1.fc33

2021-11-25T01:05:24
fedora
unix

[SECURITY] Fedora 34 Update: busybox-1.34.1-1.fc34

2021-11-25T00:59:07
fedora
unix

[SECURITY] Fedora 35 Update: vim-8.2.5172-1.fc35

2022-07-04T01:11:06
fedora
unix

[SECURITY] Fedora 36 Update: vim-8.2.5172-1.fc36

2022-06-30T01:22:15
fedora
unix

[SECURITY] Fedora 34 Update: vim-8.2.4460-1.fc34

2022-02-25T17:03:47
fedora
unix

[SECURITY] Fedora 34 Update: vim-8.2.3755-1.fc34

2021-12-16T01:13:59
fedora
unix

[SECURITY] Fedora 35 Update: vim-9.0.049-1.fc35

2022-07-21T17:10:23
fedora
unix

[SECURITY] Fedora 36 Update: grub2-2.06-42.fc36

2022-06-10T01:15:49
fedora
unix

[SECURITY] Fedora 35 Update: grub2-2.06-11.fc35

2022-06-22T01:25:16
nessus
scanner

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-2336)

2022-09-14T00:00:00
nessus
scanner

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-2307)

2022-09-14T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.2.2 : vim (EulerOS-SA-2023-1303)

2023-01-30T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.6.6 : vim (EulerOS-SA-2022-2541)

2022-10-09T00:00:00
nessus
scanner

EulerOS Virtualization 2.9.1 : vim (EulerOS-SA-2022-2369)

2022-09-24T00:00:00
nessus
scanner

EulerOS Virtualization 2.9.0 : vim (EulerOS-SA-2022-2405)

2022-09-23T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : busybox (EulerOS-SA-2022-1463)

2022-04-20T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : busybox (EulerOS-SA-2022-1472)

2022-04-20T00:00:00
nessus
scanner

EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1287)

2022-03-02T00:00:00
nessus
scanner

EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1303)

2022-03-02T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.6.0 : vim (EulerOS-SA-2022-2594)

2022-10-10T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2897)

2022-12-27T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-2879)

2022-12-27T00:00:00
nessus
scanner

Amazon Linux 2022 : (ALAS2022-2022-116)

2022-09-06T00:00:00
nessus
scanner

Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 : BusyBox vulnerabilities (USN-5179-1)

2021-12-08T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-2042)

2022-07-14T00:00:00
nessus
scanner

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : vim (SUSE-SU-2022:3229-1)

2022-09-10T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2436)

2022-10-08T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2423)

2022-10-08T00:00:00
nessus
scanner

EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-2639)

2022-10-28T00:00:00
nessus
scanner

Debian DLA-3152-1 : glibc - LTS security update

2022-10-23T00:00:00
nessus
scanner

Amazon Linux 2 : vim (ALAS-2022-1829)

2022-07-21T00:00:00
nessus
scanner

Amazon Linux AMI : vim (ALAS-2022-1628)

2022-08-05T00:00:00
nessus
scanner

dnsmasq 2.86 Multiple Vulnerabilities

2022-02-09T00:00:00
nessus
scanner

Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2023-058)

2023-03-21T00:00:00
nessus
scanner

GLSA-202208-32 : Vim, gVim: Multiple Vulnerabilities

2022-08-21T00:00:00
nessus
scanner

Debian DLA-2947-1 : vim - LTS security update

2022-03-16T00:00:00
nessus
scanner

Amazon Linux 2 : vim (ALAS-2022-1743)

2022-02-14T00:00:00
nessus
scanner

Amazon Linux AMI : vim (ALAS-2022-1557)

2022-01-20T00:00:00
nessus
scanner

EulerOS 2.0 SP8 : vim (EulerOS-SA-2022-2483)

2022-10-09T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.6.0 : expat (EulerOS-SA-2022-2555)

2022-10-10T00:00:00
nessus
scanner

Amazon Linux 2022 : expat (ALAS2022-2022-232)

2022-12-09T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.1 : expat (EulerOS-SA-2022-2050)

2022-07-14T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.0 : expat (EulerOS-SA-2022-2022)

2022-07-15T00:00:00
nessus
scanner

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)

2023-03-21T00:00:00
nessus
scanner

Amazon Linux 2022 : (ALAS2022-2022-155)

2022-10-20T00:00:00
nessus
scanner

GLSA-202209-24 : Expat: Multiple Vulnerabilities

2022-09-29T00:00:00
nessus
scanner

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.30398)

2022-09-27T00:00:00
nessus
scanner

EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-2451)

2022-10-08T00:00:00
nessus
scanner

EulerOS Virtualization 2.9.0 : vim (EulerOS-SA-2022-1641)

2022-05-05T00:00:00
nessus
scanner

EulerOS Virtualization 2.9.1 : vim (EulerOS-SA-2022-1617)

2022-05-05T00:00:00
nessus
scanner

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1462)

2022-04-18T00:00:00
nessus
scanner

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1441)

2022-04-18T00:00:00
nessus
scanner

EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-2282)

2022-08-17T00:00:00
nessus
scanner

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : vim (SUSE-SU-2022:2102-1)

2022-06-17T00:00:00
nessus
scanner

EulerOS 2.0 SP8 : vim (EulerOS-SA-2022-2237)

2022-08-17T00:00:00
nessus
scanner

Debian DLA-3182-1 : vim - LTS security update

2022-11-10T00:00:00
nessus
scanner

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 21.10 : Expat vulnerabilities (USN-5288-1)

2022-02-21T00:00:00
nessus
scanner

EulerOS 2.0 SP3 : expat (EulerOS-SA-2022-1716)

2022-05-26T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.2.2 : expat (EulerOS-SA-2023-1252)

2023-01-30T00:00:00
nessus
scanner

Oracle Linux 8 : expat (ELSA-2022-0951)

2022-03-16T00:00:00
nessus
scanner

RHEL 8 : expat (RHSA-2022:0951)

2022-03-17T00:00:00
nessus
scanner

RHEL 7 : expat (RHSA-2022:1069)

2022-03-29T00:00:00
nessus
scanner

Oracle Linux 7 : expat (ELSA-2022-1069)

2022-03-29T00:00:00
nessus
scanner

NewStart CGSL CORE 5.04 / MAIN 5.04 : expat Multiple Vulnerabilities (NS-SA-2022-0082)

2022-11-15T00:00:00
nessus
scanner

NewStart CGSL MAIN 6.02 : expat Multiple Vulnerabilities (NS-SA-2022-0098)

2022-11-15T00:00:00
nessus
scanner

CentOS 7 : expat (CESA-2022:1069)

2022-03-30T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.2.2 : bluez (EulerOS-SA-2021-2129)

2021-07-06T00:00:00
nessus
scanner

EulerOS 2.0 SP2 : bluez (EulerOS-SA-2019-2380)

2019-12-10T00:00:00
nessus
scanner

EulerOS 2.0 SP3 : bluez (EulerOS-SA-2019-2559)

2019-12-19T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.2.6 : bluez (EulerOS-SA-2021-1427)

2021-03-10T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.6.6 : bluez (EulerOS-SA-2021-1460)

2021-03-10T00:00:00
nessus
scanner

EulerOS 2.0 SP5 : bluez (EulerOS-SA-2021-1179)

2021-02-04T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2022-1699)

2022-05-07T00:00:00
nessus
scanner

NewStart CGSL MAIN 6.02 : glibc Multiple Vulnerabilities (NS-SA-2022-0085)

2022-11-14T00:00:00
nessus
scanner

EulerOS 2.0 SP8 : vim (EulerOS-SA-2022-1591)

2022-04-25T00:00:00
nessus
scanner

Amazon Linux AMI : vim (ALAS-2022-1579)

2022-04-06T00:00:00
nessus
scanner

Debian DLA-2904-1 : expat - LTS security update

2022-01-31T00:00:00
nessus
scanner

Debian DSA-5073-1 : expat - security update

2022-02-13T00:00:00
nessus
scanner

EulerOS Virtualization 2.9.0 : expat (EulerOS-SA-2022-1628)

2022-05-05T00:00:00
nessus
scanner

EulerOS Virtualization 2.9.1 : expat (EulerOS-SA-2022-1605)

2022-05-05T00:00:00
nessus
scanner

EulerOS 2.0 SP9 : expat (EulerOS-SA-2022-1425)

2022-04-18T00:00:00
nessus
scanner

EulerOS 2.0 SP9 : expat (EulerOS-SA-2022-1446)

2022-04-18T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.2.0 : expat (EulerOS-SA-2022-1679)

2022-05-07T00:00:00
nessus
scanner

EulerOS 2.0 SP3 : xulrunner (EulerOS-SA-2022-1774)

2022-05-26T00:00:00
nessus
scanner

Tenable Nessus 10.x < 10.1.1 / 8.x < 8.15.3 Third-Party Vulnerabilities (TNS-2022-05)

2022-02-08T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2070)

2022-07-14T00:00:00
nessus
scanner

EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1769)

2022-05-26T00:00:00
nessus
scanner

Fedora 34 : 2:vim (2022-48bf3cb1c4)

2022-02-25T00:00:00
nessus
scanner

Amazon Linux AMI : busybox (ALAS-2022-1558)

2022-01-19T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1669)

2022-05-06T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1655)

2022-05-06T00:00:00
nessus
scanner

Debian DLA-3206-1 : heimdal - LTS security update

2022-11-27T00:00:00
nessus
scanner

openSUSE 15 Security Update : libheimdal (openSUSE-SU-2023:0019-1)

2023-01-17T00:00:00
nessus
scanner

openSUSE 15 Security Update : libheimdal (openSUSE-SU-2023:0020-1)

2023-01-17T00:00:00
nessus
scanner

Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5460-1)

2022-06-06T00:00:00
nessus
scanner

Amazon Linux AMI : vim (ALAS-2022-1639)

2022-10-21T00:00:00
nessus
scanner

SUSE SLES12 Security Update : vim (SUSE-SU-2022:4619-1)

2022-12-28T00:00:00
nessus
scanner

Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5433-1)

2022-05-24T00:00:00
nessus
scanner

Amazon Linux 2 : vim (ALAS-2022-1805)

2022-06-07T00:00:00
nessus
scanner

EulerOS Virtualization 3.0.2.6 : vim (EulerOS-SA-2023-1053)

2023-01-06T00:00:00
nessus
scanner

SUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2022:0178-1)

2022-01-26T00:00:00
nessus
scanner

SUSE SLES11 Security Update : expat (SUSE-SU-2022:14878-1)

2022-01-26T00:00:00
nessus
scanner

SUSE SLES12 Security Update : expat (SUSE-SU-2022:0179-1)

2022-01-26T00:00:00
nessus
scanner

openSUSE 15 Security Update : expat (openSUSE-SU-2022:0178-1)

2022-01-26T00:00:00
nessus
scanner

Slackware Linux 14.0 / 14.1 / 14.2 / current expat Multiple Vulnerabilities (SSA:2022-016-01)

2022-01-16T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : expat (EulerOS-SA-2022-1483)

2022-04-20T00:00:00
nessus
scanner

EulerOS 2.0 SP8 : expat (EulerOS-SA-2022-1342)

2022-03-28T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : expat (EulerOS-SA-2022-1502)

2022-04-20T00:00:00
nessus
scanner

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grub2 (SUSE-SU-2022:2035-1)

2022-06-11T00:00:00
nessus
scanner

SUSE SLES15 Security Update : grub2 (SUSE-SU-2022:2074-1)

2022-06-15T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2022-2242)

2022-08-17T00:00:00
nessus
scanner

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2022-2255)

2022-08-17T00:00:00
nessus
scanner

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grub2 (SUSE-SU-2022:2064-1)

2022-06-14T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.1 : grub2 (EulerOS-SA-2022-2883)

2022-12-27T00:00:00
nessus
scanner

EulerOS Virtualization 2.10.0 : grub2 (EulerOS-SA-2022-2865)

2022-12-27T00:00:00
nessus
scanner

Rocky Linux 8 : grub2, mokutil, shim, and shim-unsigned-x64 (RLSA-2022:5095)

2022-07-08T00:00:00
nessus
scanner

Oracle Linux 7 : grub2 (ELSA-2022-9469)

2022-06-07T00:00:00
nessus
scanner

EulerOS Virtualization for ARM 64 3.0.2.0 : bluez (EulerOS-SA-2021-2088)

2021-07-02T00:00:00
nessus
scanner

Debian DLA-3011-1 : vim - LTS security update

2022-05-17T00:00:00
mageia
unix

Updated busybox packages fix security vulnerability

2021-12-02T16:49:28
mageia
unix

Updated vim packages fix security vulnerability

2022-05-25T18:46:18
mageia
unix

Updated heimdal packages fix security vulnerability

2022-12-17T18:48:08
mageia
unix

Updated expat packages fix security vulnerability

2022-01-25T12:13:11
ics
info

Siemens SCALANCE Third-Party

2023-03-21T12:00:00
cloudfoundry
software

USN-5179-1: BusyBox vulnerabilities | Cloud Foundry

2022-01-20T00:00:00
cloudfoundry
software

USN-5288-1: Expat vulnerabilities | Cloud Foundry

2022-04-21T00:00:00
ubuntu
unix

BusyBox vulnerabilities

2021-12-07T00:00:00
ubuntu
unix

Expat vulnerabilities

2022-02-21T00:00:00
ubuntu
unix

Vim vulnerabilities

2022-06-06T00:00:00
ubuntu
unix

Vim vulnerabilities

2022-05-23T00:00:00
suse
unix

Security update for vim (important)

2022-09-09T00:00:00
suse
unix

Security update for vim (important)

2022-06-16T00:00:00
suse
unix

Security update for expat (important)

2022-01-25T00:00:00
suse
unix

Security update for grub2 (important)

2022-06-13T00:00:00
suse
unix

Security update for grub2 (important)

2022-06-10T00:00:00
debian
unix

[SECURITY] [DLA 3152-1] glibc security update

2022-10-17T15:54:41
debian
unix

[SECURITY] [DLA 2947-1] vim security update

2022-03-11T22:50:56
debian
unix

[SECURITY] [DLA 3182-1] vim security update

2022-11-08T14:54:53
debian
unix

[SECURITY] [DLA 2904-1] expat security update

2022-01-30T21:42:20
debian
unix

[SECURITY] [DSA 5073-1] expat security update

2022-02-12T13:32:08
debian
unix

[SECURITY] [DLA 3206-1] heimdal security update

2022-11-26T20:21:42
debian
unix

[SECURITY] [DLA 3011-1] vim security update

2022-05-16T19:42:09
osv
software

glibc - security update

2022-10-20T00:00:00
osv
software

vim - security update

2022-03-11T00:00:00
osv
software

vim - security update

2022-11-08T00:00:00
osv
software

expat - security update

2022-02-12T00:00:00
osv
software

expat - security update

2022-01-30T00:00:00
osv
software

heimdal - security update

2022-11-26T00:00:00
osv
software

vim - security update

2022-05-16T00:00:00
amazon
unix

Medium: vim

2022-07-28T20:41:00
amazon
unix

Medium: vim

2022-07-19T01:26:00
amazon
unix

Medium: vim

2022-01-18T21:38:00
amazon
unix

Medium: vim

2022-01-18T20:12:00
amazon
unix

Medium: vim

2022-04-04T23:48:00
amazon
unix

Medium: busybox

2022-01-18T20:13:00
amazon
unix

Low: vim

2022-10-17T20:22:00
amazon
unix

Medium: vim

2022-05-31T23:50:00
gentoo
unix

Vim, gVim: Multiple Vulnerabilities

2022-08-21T00:00:00
gentoo
unix

Expat: Multiple Vulnerabilities

2022-09-29T00:00:00
ibm
software

Security Bulletin: Expat vulnerabilities affect IBM Netezza Analytics

2022-06-03T14:32:29
ibm
software

Security Bulletin: Expat vulnerabilities affect IBM Netezza Analytics for NPS

2022-06-03T14:32:29
ibm
software

Security Bulletin: IBM Tivoli Monitoring is vulnerable to remote code execution and denial of service due to multiple Expat CVEs

2022-12-30T17:31:59
ibm
software

Security Bulletin: AIX is affected by multiple vulnerabilities in Python

2022-07-28T20:09:50
ibm
software

Security Bulletin: Multiple vulnerabilities have been identified in IBM HTTP Server used by IBM Rational ClearQuest

2022-04-07T03:54:04
ibm
software

Security Bulletin: Due to use of Expat IBM Tivoli Network Manager is vulnerable to arbitrary code execution (multiple vulnerabilities)

2022-07-04T12:59:59
ibm
software

Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in Expact library.

2022-07-19T08:54:07
ibm
software

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

2022-07-26T14:35:29
ibm
software

Security Bulletin: IBM QRadar Network Packet Capture includes multiple vulnerable components.

2022-07-05T13:50:24
ibm
software

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server shipped in IBM WebSphere Application Server Patterns

2022-04-22T21:39:22
ibm
software

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow and IBM Business Process Manager

2022-09-14T15:28:14
ibm
software

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server due to Expat vulnerabilities

2022-03-02T18:47:38
ibm
software

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with WebSphere Remote Server

2022-03-04T19:18:28
ibm
software

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

2022-11-09T18:38:30
ibm
software

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

2022-10-24T20:09:51
ibm
software

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal

2022-03-16T11:34:12
ibm
software

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase

2022-04-01T06:18:19
aix
unix

AIX is affected by multiple vulnerabilities in Python

2022-07-28T13:12:18
cloudlinux
unix

Fixed 13 CVEs in expat

2022-08-17T18:50:48
oraclelinux
unix

expat security update

2022-03-16T00:00:00
oraclelinux
unix

expat security update

2022-03-28T00:00:00
oraclelinux
unix

grub2 security update

2022-06-07T00:00:00
oraclelinux
unix

grub2 security update

2022-06-07T00:00:00
almalinux
unix

Important: expat security update

2022-03-16T00:00:00
redhat
unix

(RHSA-2022:1069) Important: expat security update

2022-03-28T08:42:24
redhat
unix

(RHSA-2022:0951) Important: expat security update

2022-03-16T15:13:06
rocky
unix

expat security update

2022-03-16T15:13:06
centos
unix

expat security update

2022-03-29T22:31:03
openvas
scanner

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-2559)

2020-01-23T00:00:00
openvas
scanner

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-2380)

2020-01-23T00:00:00
photon
unix

Critical Photon OS Security Update - PHSA-2022-0487

2022-06-20T00:00:00
photon
unix

Important Photon OS Security Update - PHSA-2022-0404

2022-06-12T00:00:00
photon
unix

Important Photon OS Security Update - PHSA-2022-3.0-0404

2022-06-12T00:00:00
photon
unix

Critical Photon OS Security Update - PHSA-2022-0431

2022-01-23T00:00:00
photon
unix

Critical Photon OS Security Update - PHSA-2022-0462

2022-01-22T00:00:00
slackware
unix

[slackware-security] expat

2022-01-16T21:48:11
hp
software

Expat Library update for Teradici PCoIP Software and Firmware

2022-04-11T00:00:00
altlinux
unix

Security fix for the ALT Linux 10 package vim version 4:8.2.5019-alt1

2022-05-31T00:00:00
altlinux
unix

Security fix for the ALT Linux 9 package vim version 4:8.2.5019-alt1

2022-06-02T00:00:00