Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Last update: Jan 9, 2023

Comments: 17

Vuls: VULnerability Scanner

Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go. We have a slack team. Join slack team Twitter: @vuls_en

Abstract

For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a system administrator to choose not to use the automatic update option provided by the package manager and to perform update manually. This leads to the following problems.

The system administrator will have to constantly watch out for any new vulnerabilities in NVD (National Vulnerability Database) or similar databases.
It might be impossible for the system administrator to monitor all the software if there are a large number of software packages installed in the server.
It is expensive to perform analysis to determine the servers affected by new vulnerabilities. The possibility of overlooking a server or two during analysis is there.

Vuls is a tool created to solve the problems listed above. It has the following characteristics.

Informs users of the vulnerabilities that are related to the system.
Informs users of the servers that are affected.
Vulnerability detection is done automatically to prevent any oversight.
A report is generated on a regular basis using CRON or other methods. to manage vulnerability.

Main Features

Scan for any vulnerabilities in Linux/FreeBSD Server

Supports major Linux/FreeBSD

Alpine, Amazon Linux, CentOS, Debian, Oracle Linux, Raspbian, RHEL, SUSE Enterprise Linux, and Ubuntu
FreeBSD
Cloud, on-premise, Running Docker Container

High-quality scan

Vulnerability Database
- NVD
- JVN(Japanese)
OVAL
- Red Hat
- Debian
- Ubuntu
- SUSE
- Oracle Linux
Security Advisory
Commands(yum, zypper, pkg-audit)
- RHSA / ALAS / ELSA / FreeBSD-SA
- Changelog
PoC, Exploit
- Exploit Database
- Metasploit-Framework modules
CERT
- US-CERT
- JPCERT
Libraries
WordPress
- wpscan

Scan mode

Fast Scan

Scan without root privilege, no dependencies
Almost no load on the scan target server
Offline mode scan with no internet access. (CentOS, Debian, Oracle Linux, Red Hat, and Ubuntu)

Fast Root Scan

Scan with root privilege
Almost no load on the scan target server
Detect processes affected by update using yum-ps (Amazon Linux, CentOS, Oracle Linux, and RedHat)
Detect processes which updated before but not restarting yet using checkrestart of debian-goodies (Debian and Ubuntu)
Offline mode scan with no internet access. (CentOS, Debian, Oracle Linux, Red Hat, and Ubuntu)

Remote, Local scan mode, Server mode

Remote scan mode

User is required to only set up one machine that is connected to other target servers via SSH

Local scan mode

If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode.

Server mode

First, start Vuls in server mode and listen as an HTTP server.
Next, issue a command on the scan target server to collect software information. Then send the result to Vuls Server via HTTP. You receive the scan results as JSON format.
No SSH needed, No Scanner needed. Only issuing Linux commands directory on the scan target server.

Dynamic Analysis

It is possible to acquire the state of the server by connecting via SSH and executing the command.
Vuls warns when the scan target server was updated the kernel etc. but not restarting it.

Scan vulnerabilities of non-OS-packages

Libraries of programming language
Self-compiled software
Network Devices

Vuls has some options to detect the vulnerabilities

Scan WordPress core, themes, plugins

Scan WordPress

MISC

Nondestructive testing
Pre-authorization is NOT necessary before scanning on AWS
- Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
Auto-generation of configuration file template
- Auto-detection of servers set using CIDR, generate configuration file template
Email and Slack notification is possible (supports Japanese language)
Scan result is viewable on accessory software, TUI Viewer in a terminal or Web UI (VulsRepo).

What Vuls Doesn't Do

Vuls doesn't update the vulnerable packages.

Document

For more information such as Installation, Tutorial, Usage, visit vuls.io
日本語翻訳ドキュメント

Authors

kotakanbe (@kotakanbe) created vuls and these fine people have contributed.

Contribute

see vulsdoc

Stargazers over time

-----;

License

Please see LICENSE.

Owner

Future Corp

Future's official open source repositories

https://github.com/future-architect/vuls https://vuls.io/

Comments

I got a error output as the description when running the scan.sh
The executed command: #./update-all.sh ... #./scan.sh Using default tag: latest latest: Pulling from vuls/vuls Digest: sha256:3aba376c0bab1adc59a84b8ec59ace3e050b7438e1d4dd29855e4002dd5d9ef6 Status: Image is up to date for vuls/vuls:latest [Feb 25 10:23:54] INFO [localhost] vuls-v0.15.9-build-20210225_011640_518f4dc [Feb 25 10:23:54] INFO [localhost] Validating config... [Feb 25 10:23:54] INFO [localhost] Detecting Server/Container OS... [Feb 25 10:23:54] INFO [localhost] Detecting OS of servers... [Feb 25 10:23:54] ERROR [localhost] Failed to configtest: Failed to init servers. err: github.com/future-architect/vuls/scanner.Scanner.Configtest /go/src/github.com/future-architect/vuls/scanner/serverapi.go:101

No scannable host OS: github.com/future-architect/vuls/scanner.Scanner.initServers /go/src/github.com/future-architect/vuls/scanner/serverapi.go:229

#cat /etc/redhat-release CentOS Linux release 7.6.1810 (Core)

Did I miss something so that it couldn't detect the server distro? Thanks.

WordPress Vulnerability Scan (core, plugin, theme)

https://wpvulndb.com/api provides vulnerability information. wp command can get WordPress core, plugin and theme version. It seems to be able to detect using this version information and vulnerability database.

WP core version

wp core version --path=/home/kusanagi/yokota/DocumentRoot/
4.9.6

Which plugin installed

[root@wp~]# wp plugin list --path=/home/hoge/wp/DocumentRoot/ --format=json | jq "."
[
  {
    "name": "akismet",
    "status": "inactive",
    "update": "none",
    "version": "4.0.8"
  },
  {
    "name": "bootstrap-for-contact-form-7",
    "status": "active",
    "update": "none",
    "version": "1.4.8"
  },
  {
    "name": "contact-form-7",
    "status": "active",
    "update": "available",
    "version": "5.0.2"
  },
  {
    "name": "dentist-cpt",
    "status": "active",
    "update": "none",
    "version": "1.0"
  },
  {
    "name": "hello",
    "status": "inactive",
    "update": "none",
    "version": "1.7"
  },
  {
    "name": "insta-gallery",
    "status": "active",
    "update": "available",
    "version": "1.6.1"
  },
  {
    "name": "translatepress-multilingual",
    "status": "inactive",
    "update": "available",
    "version": "1.2.5"
  },
  {
    "name": "unyson",
    "status": "active",
    "update": "available",
    "version": "2.7.18"
  },
  {
    "name": "wp-multibyte-patch",
    "status": "inactive",
    "update": "none",
    "version": "2.8.1"
  },
  {
    "name": "kusanagi-wp-configure",
    "status": "must-use",
    "update": "none",
    "version": "0.7"
  },
  {
    "name": "wp-kusanagi",
    "status": "must-use",
    "update": "none",
    "version": "1.0.24"
  }
]

Which theme installed

[root@wp ~]# wp theme list --path=/home/hoge/wp/DocumentRoot/ --format=js
on | jq "."
[
  {
    "name": "dentist_wp",
    "status": "active",
    "update": "none",
    "version": "1.6.6"
  },
  {
    "name": "twentyfifteen",
    "status": "inactive",
    "update": "none",
    "version": "2.0"
  },
  {
    "name": "twentyseventeen",
    "status": "inactive",
    "update": "none",
    "version": "1.6"
  },
  {
    "name": "twentysixteen",
    "status": "inactive",
    "update": "none",
    "version": "1.5"
  }
]

Vulnerability Database

https://wpvulndb.com/api

curl -H "Authorization: Token token=API_TOKEN" https://wpvulndb.com/api/v3/plugins/eshop
JSON response (prettified)

{
  "eshop": {
    "latest_version": "6.3.14",
    "last_updated": "2015-09-10T09:16:00.000Z",
    "popular": false,
    "vulnerabilities": [
      {
        "id": 7004,
        "title": "eShop - wp-admin/admin.php Multiple Parameter XSS",
        "created_at": "2014-08-01T10:59:06.000Z",
        "updated_at": "2015-05-15T13:48:24.000Z",
        "published_date": null,
        "references": {
          "url": [
            "http://seclists.org/bugtraq/2011/Aug/52",
            "http://www.htbridge.ch/advisory/multiple_xss_in_eshop_for_wordpress.html"
          ],
          "secunia": [
            "45553"
          ]
        },
        "vuln_type": "XSS",
        "fixed_in": "6.2.9"
      },
      {
        "id": 7967,
        "title": "eShop <= 6.3.11 - Remote Code Execution",
        "created_at": "2015-05-06T20:33:09.000Z",
        "updated_at": "2015-07-04T19:10:12.000Z",
        "published_date": "2015-05-06T00:00:00.000Z",
        "references": {
          "url": [
            "http://packetstormsecurity.com/files/131783/",
            "https://plugins.trac.wordpress.org/changeset/1170942/eshop"
          ],
          "cve": [
            "2015-3421"
          ]
        },
        "vuln_type": "RCE",
        "fixed_in": "6.3.12"
      },
      {
        "id": 8180,
        "title": "eShop <= 6.3.13 - Reflected Cross-Site Scripting (XSS) & CSRF",
        "created_at": "2015-09-09T20:36:51.000Z",
        "updated_at": "2015-09-09T20:36:51.000Z",
        "published_date": "2015-09-09T00:00:00.000Z",
        "references": {
          "url": [
            "http://packetstormsecurity.com/files/133480/"
          ]
        },
        "vuln_type": "XSS",
        "fixed_in": null
      }
    ]
  }
}

Ubuntu failed to scan vulnerable packages

[Oct  6 14:27:33] DEBUG [x-x-x-x] SSHResult: servername: x-x-x-x, cmd: set -o pipefail; sudo -S LANG=en_US.UTF-8 apt-get upgrade --dry-run, exitstatus: 0, stdout: ^MReading package lists... 0%^MReading package lists... 100%^MReading package lists... Done
^MBuilding dependency tree... 0%^MBuilding dependency tree... 0%^MBuilding dependency tree... 50%^MBuilding dependency tree... 50%^MBuilding dependency tree       
^MReading state information... 0%^MReading state information... 0%^MReading state information... Done
^MCalculating upgrade... 0%^MCalculating upgrade... 50%^MCalculating upgrade... Done
The following packages were automatically installed and are no longer required:
  linux-headers-3.19.0-65 linux-headers-3.19.0-65-generic linux-headers-4.4.0-34 linux-headers-4.4.0-34-generic linux-image-3.19.0-65-generic linux-image-3.19.0-66-generic linux-image-4.4.0-34-generic linux-image-extra-3.19.0-65-generic
  linux-image-extra-4.4.0-34-generic linux-image-generic-lts-vivid
Use 'sudo apt autoremove' to remove them.
The following packages will be upgraded:
  initramfs-tools initramfs-tools-bin initramfs-tools-core klibc-utils libklibc ntp ntpdate
7 to upgrade, 0 to newly install, 0 to remove and 0 not to upgrade.
Inst ntp [1:4.2.8p4+dfsg-3ubuntu5.1] (1:4.2.8p4+dfsg-3ubuntu5.3 Ubuntu:16.04/xenial-updates, Ubuntu:16.04/xenial-security [amd64])
Inst ntpdate [1:4.2.8p4+dfsg-3ubuntu5.1] (1:4.2.8p4+dfsg-3ubuntu5.3 Ubuntu:16.04/xenial-updates, Ubuntu:16.04/xenial-security [amd64])
Inst klibc-utils [2.0.4-8ubuntu1.16.04.1] (2.0.4-8ubuntu1.16.04.2 Ubuntu:16.04/xenial-updates [amd64]) []
Inst initramfs-tools [0.122ubuntu8.1] (0.122ubuntu8.3 Ubuntu:16.04/xenial-updates [all]) []
Inst initramfs-tools-core [0.122ubuntu8.1] (0.122ubuntu8.3 Ubuntu:16.04/xenial-updates [all]) []
Inst initramfs-tools-bin [0.122ubuntu8.1] (0.122ubuntu8.3 Ubuntu:16.04/xenial-updates [amd64]) []
Inst libklibc [2.0.4-8ubuntu1.16.04.1] (2.0.4-8ubuntu1.16.04.2 Ubuntu:16.04/xenial-updates [amd64])
Conf ntp (1:4.2.8p4+dfsg-3ubuntu5.3 Ubuntu:16.04/xenial-updates, Ubuntu:16.04/xenial-security [amd64])
Conf ntpdate (1:4.2.8p4+dfsg-3ubuntu5.3 Ubuntu:16.04/xenial-updates, Ubuntu:16.04/xenial-security [amd64])
Conf libklibc (2.0.4-8ubuntu1.16.04.2 Ubuntu:16.04/xenial-updates [amd64])
Conf klibc-utils (2.0.4-8ubuntu1.16.04.2 Ubuntu:16.04/xenial-updates [amd64])
Conf initramfs-tools-bin (0.122ubuntu8.3 Ubuntu:16.04/xenial-updates [amd64])
Conf initramfs-tools-core (0.122ubuntu8.3 Ubuntu:16.04/xenial-updates [all])
Conf initramfs-tools (0.122ubuntu8.3 Ubuntu:16.04/xenial-updates [all])
, stderr: , err: %!s(<nil>)
[Oct  6 14:27:33] ERROR [x-x-x-x] Failed to scan vulnerable packages

I have tested on both 16.04 and 14.04 with the same results. I can provide any other information required.

Cheers Will

Support Alpine Linux

Alpine linux is becoming a large part of the Docker and VM community due to its small disk/memory footprint and security standards.

https://alpinelinux.org/

It would be nice to see support for this as a scan target. It uses its own package manager, apk.

Freebsd jails

What did you implement:

sort of closes #453

How did you implement it:

Started to read up on the code tonight and tried to fiddle with it and get it to work with FreeBSD jails.

I basically copied the code for lxc and changed it to match how jails work. And in a very simple case with four jails running on a host it seems to work just fine.

# ./vuls scan
[Aug  2 00:11:57]  INFO [localhost] Start scanning
[Aug  2 00:11:57]  INFO [localhost] config: /usr/local/etc/vuls/config.toml
[Aug  2 00:11:57]  INFO [localhost] Validating config...
[Aug  2 00:11:57]  INFO [localhost] Detecting Server/Container OS... 
[Aug  2 00:11:57]  INFO [localhost] Detecting OS of servers... 
[Aug  2 00:12:03]  INFO [localhost] (1/1) Detected: core: FreeBSD 11.1-RELEASE
[Aug  2 00:12:03]  INFO [localhost] Detecting OS of containers... 
[Aug  2 00:12:17]  INFO [localhost] Detected: system@core: FreeBSD 11.1-RELEASE
[Aug  2 00:12:17]  INFO [localhost] Detected: ap@core: FreeBSD 11.1-RELEASE
[Aug  2 00:12:17]  INFO [localhost] Detecting Platforms... 
[Aug  2 00:12:19]  INFO [localhost] (1/3) core is running on other
[Aug  2 00:12:19]  INFO [localhost] (2/3) system on core is running on aws
[Aug  2 00:12:19]  INFO [localhost] (3/3) ap on core is running on aws
[Aug  2 00:12:19]  INFO [localhost] Scanning vulnerabilities... 
[Aug  2 00:12:19]  INFO [localhost] Scanning vulnerable OS packages...

Is this ready for review?: NO
Is it a breaking change?: NO

x509: certificate signed by unknown authority
Environment

Ubuntu 16.04

Vuls

Hash : vuls v0.1.7 46f9674

Go

Go version: not installed?

Current Output

Addition Details

Vuls is working with "report-json" but is unable to send the report via E-Mail. My Mailserver is using Starttls and a Testmail from my Vuls Server to the Mailserver via "mail" command is working.

I think the issue could be solved if I can somewhere add a certificate verify ignore flag.

Expected Behavior

Send Report via E-Mail

Actual Behavior

"Failed to report, err: Failed to send emails: x509: certificate signed by unknown authority"
too many SQL variables

while working with docker ./report.sh and /tui.sh aren't generating the expected output but:

[Aug 30 09:30:07] ERROR [localhost] Failed to fill with CVE: Failed to fetch CVE. err: too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables; too many SQL variables
wrong version comparison on alpine packages

What did you do? (required. The issue will be closed when not provided.)

Installed jq on alpine 3.11.3 The installed package is 1.6-r0 and scanned this alpine

What did you expect to happen?

The expected result is that the jq is not vulnerable

What happened instead?

in the report we see that jq is vulnerable to CVE-2016-4074

I did some investigation and it seems the problem in the go-rpm-version

package main import ( "fmt" rpmver "github.com/knqyf263/go-rpm-version" ) func ver_func() { vera := rpmver.NewVersion("1.6-r0") verb := rpmver.NewVersion("1.6_rc1-r0") fmt.Printf("installed %s < Fixed %s %v\n", vera, verb, vera.LessThan(verb)) } func main() { ver_func() } gives: installed 1.6-r0 < Fixed 1.6_rc1-r0 true

Panic on packet scan

goroutine 534 [running]:
panic(0xae3440, 0xc8206f89b0)
    /usr/local/go/src/runtime/panic.go:481 +0x3e6
github.com/future-architect/vuls/scan.parallelSSHExec.func1(0xe7c660, 0xc820010c60, 0x7f19c96fb000, 0xc8201054a0)
    /go/src/github.com/future-architect/vuls/scan/sshutil.go:80 +0x37d
created by github.com/future-architect/vuls/scan.parallelSSHExec
    /go/src/github.com/future-architect/vuls/scan/sshutil.go:84 +0x166

I saw this on my latest scan, if it helps

OS detection get unsuccessful in first run
What did you do? (required. The issue will be closed when not provided.)

vuls scan ubuntu

What did you expect to happen?

Complete scan successfully in first attempt (run)

What happened instead?

Couldn't determine OS of server. the step timeout. Or, we can cancel whole thing with ctrl+c and then again run same command "vuls scan ubuntu" and everything is fine 2nd time.

Current Output freeze in line " INFO [localhost] Detecting OS of servers... " Please re-run the command using -debug and provide the output below.

when used --debug, the working is normal and fine sometimes. log below:

$ vuls scan -debug ubuntu [Aug 21 09:11:01] INFO [localhost] Start scanning [Aug 21 09:11:01] INFO [localhost] config: /home/ubuntu/config.toml [Aug 21 09:11:01] DEBUG [localhost] { "logpoint": config.ServerInfo{ ServerName: “ubuntu”, User: "vuls", Host: “xyz”, Port: "22", KeyPath: "/home/ubuntu/vuls_keys/id_rsa_vuls_az", KeyPassword: "", CpeNames: []string{}, DependencyCheckXMLPath: "", Containers: config.Containers{ Type: "", Includes: []string{}, Excludes: []string{}, }, IgnoreCves: []string{}, Optional: [][]interface {}{}, Enablerepo: []string{}, Type: "", LogMsgAnsiColor: "\x1b[33m", Container: config.Container{ ContainerID: "", Name: "", Image: "", }, Distro: config.Distro{ Family: "", Release: "", }, IPv4Addrs: []string{}, IPv6Addrs: []string{}, }, } [Aug 21 09:11:01] INFO [localhost] Validating config... [Aug 21 09:11:01] INFO [localhost] Detecting Server/Container OS... [Aug 21 09:11:01] INFO [localhost] Detecting OS of servers... [Aug 21 09:11:01] DEBUG [localhost] Executing... ls /etc/debian_version [Aug 21 09:16:01] ERROR [localhost] Timed out while detecting servers [Aug 21 09:16:01] ERROR [localhost] (1/1) Timed out: ubuntu [Aug 21 09:16:01] ERROR [localhost] Failed to init servers: No scannable servers

Steps to reproduce the behaviour

uncertain. vuls scan ubuntu

Configuration (MUST fill this out):

Go version (go version): go version go1.10.3 linux/amd64

Go environment (go env):

GOARCH="amd64" GOBIN="" GOCACHE="/home/ubuntu/.cache/go-build" GOEXE="" GOHOSTARCH="amd64" GOHOSTOS="linux" GOOS="linux" GOPATH="/home/ubuntu/go" GORACE="" GOROOT="/usr/local/go" GOTMPDIR="" GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64" GCCGO="gccgo" CC="gcc" CXX="g++" CGO_ENABLED="1" CGO_CFLAGS="-g -O2" CGO_CPPFLAGS="" CGO_CXXFLAGS="-g -O2" CGO_FFLAGS="-g -O2" CGO_LDFLAGS="-g -O2" PKG_CONFIG="pkg-config" GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build834591688=/tmp/go-build -gno-record-gcc-switches"

Vuls environment:

Hash : ____ vuls v0.4.2 fe582ac

To check the commit hash of HEAD $ vuls -v

or

$ cd $GOPATH/src/github.com/future-architect/vuls $ git rev-parse --short HEAD

config.toml:

command:

vuls scan ubuntu

CentOS invalid YumRepo vuls result 「0 CVEs」

vuls version: vuls v0.2.0 5581a5c

CentOSにて不正なyumリポジトリを定義されていると、yum --changelog updateの結果に以下のようなエラーが出力されることがあります

Error: Package: erlang-observer-18.3.4.4-1.el7.x86_64 (CentOS-cloud-mirror_mitaka)
           Requires: erlang-kernel(x86-64) = 18.3.4.4-1.el7
           Removing: erlang-kernel-18.0-1.el7.centos.x86_64 (@erlang)

このエラーが発生すると一切changelogが出力されない為にvuls結果が「0CVEs」となり、脆弱性無しと判断されております

scan_server-001 centos7.1.1503  0 CVEs  545 updatable packages

上記により、少しでも脆弱性チェックされるように以下のように改造してみました ChangeLogを解析中に「Error: Package: 」を検出した場合、（）内のリポジトリ名を不正リポジトリとして再度「yum --changelog update」する際に、disablerepoを設定「yum --disablerepo=CentOS-cloud-mirror_mitaka, --changelog update」

diff --git a/scan/redhat.go b/scan/redhat.go
index 0d0bbbe..dad8c9e 100644
--- a/scan/redhat.go
+++ b/scan/redhat.go
@@ -279,17 +279,29 @@ func (o *redhat) scanUnsecurePackagesUsingYumCheckUpdate() (models.VulnInfos, er
                CveIDs   []string
        }

-       allChangelog, err := o.getAllChangelog(packInfoList)
-       if err != nil {
-               o.log.Errorf("Failed to getAllchangelog. err: %s", err)
-               return nil, err
-       }
-
-       // { packageName: changelog-lines }
+       err_repos := make(map[string]bool)
        var rpm2changelog map[string]*string
-       rpm2changelog, err = o.parseAllChangelog(allChangelog)
-       if err != nil {
-               return nil, fmt.Errorf("Failed to parseAllChangelog. err: %s", err)
+
+       for cnt := 0; cnt <= 1; cnt++ {
+               allChangelog, err := o.getAllChangelog(packInfoList, err_repos)
+               if err != nil {
+                       o.log.Errorf("Failed to getAllchangelog. err: %s", err)
+                       return nil, err
+               }
+
+               // { packageName: changelog-lines }
+               err_repos = make(map[string]bool)
+               rpm2changelog, err = o.parseAllChangelog(allChangelog, err_repos)
+               if err != nil {
+                       return nil, fmt.Errorf("Failed to parseAllChangelog. err: %s", err)
+               }
+               if len(err_repos) == 0 {
+                       o.log.Debugf("All Success Repo")
+                       break
+               }
+               for err_repo, _ := range err_repos {
+                       o.log.Errorf("Failed to Repo: %s", err_repo)
+               }
        }

        var results []PackInfoCveIDs
@@ -452,7 +464,7 @@ func (o *redhat) getChangelogCVELines(rpm2changelog map[string]*string, packInfo
        return retLine
 }

-func (o *redhat) parseAllChangelog(allChangelog string) (map[string]*string, error) {
+func (o *redhat) parseAllChangelog(allChangelog string, err_repos map[string]bool) (map[string]*string, error) {
        var majorVersion int
        var err error
        if o.Distro.Family == "centos" {
@@ -466,6 +478,20 @@ func (o *redhat) parseAllChangelog(allChangelog string) (map[string]*string, err
        tmpline := ""
        var lines []string
        var prev, now bool
+
+       var changelogErrorPattern = regexp.MustCompile(`^Error: Package: `)
+       for i := range orglines {
+               if changelogErrorPattern.MatchString(orglines[i]) {
+                       o.log.Debugf("ErrorLine: %s", orglines[i])
+                       temp := o.regexpReplace(orglines[i], `.*\(`, "")
+                       err_repos[o.regexpReplace(temp, `\).*`, "")] = true
+               }
+       }
+       if len(err_repos) != 0 {
+               o.log.Debugf("Disable Repos: %s", err_repos)
+               return nil, nil
+       }
+
        for i := range orglines {
                if majorVersion == 5 {
                        /* for CentOS5 (yum-util < 1.1.20) */
@@ -531,7 +557,7 @@ func (o *redhat) parseAllChangelog(allChangelog string) (map[string]*string, err
 }

 // CentOS
-func (o *redhat) getAllChangelog(packInfoList models.PackageInfoList) (stdout string, err error) {
+func (o *redhat) getAllChangelog(packInfoList models.PackageInfoList, err_repos map[string]bool) (stdout string, err error) {
        packageNames := ""
        for _, packInfo := range packInfoList {
                packageNames += fmt.Sprintf("%s ", packInfo.Name)
@@ -550,6 +576,14 @@ func (o *redhat) getAllChangelog(packInfoList models.PackageInfoList) (stdout st
                yumopts += " --skip-broken"
        }

+       if len(err_repos) != 0 {
+               yumopts += " --disablerepo="
+               for err_repo, _ := range err_repos {
+                       yumopts += err_repo + ","
+               }
+       }
+       o.log.Debugf("yumopts: %s", yumopts)
+
        // yum update --changelog doesn't have --color option.
        command += fmt.Sprintf(" LANGUAGE=en_US.UTF-8 yum %s --changelog update ", yumopts) + packageNames

結果として、「72CVEs」となり、脆弱性有りとして認識可能となっております

実行ログには
[Feb 27 17:26:56]  WARN [scan_server-001] Not found the package in rpm -qa. candidate: python2-traceback2--
[Feb 27 17:26:56]  WARN [scan_server-001] Not found the package in rpm -qa. candidate: python2-urllib3--
[Feb 27 17:27:40] ERROR [scan_server-001] Failed to Repo: CentOS-cloud-mirror_mitaka
[Feb 27 17:28:25]  INFO [scan_server-001] (1/581) Scanned MySQL-python-1.2.3-11.el7 -> 1.2.5-1.el7 : []
[Feb 27 17:28:25]  INFO [scan_server-001] (2/581) Scanned abrt-2.1.11-22.el7.centos.0.1 -> 2.1.11-45.el7.centos : []

と出力となり

vuls結果は
scan_server-001 centos7.1.1503  72 CVEs 545 updatable packages

最後に実際に本エラーの回収案はどのように検討されておりますでしょうか？エラーパッケージを検出したら、その時点でvulsを異常終了させるなど

feat(cwe): add cwe-id for category and view
What did you implement:

The following logs were seen, and many of these CWE IDs were associated with Category.

[Jan 5 23:13:14] DEBUG [localhost] CWE-ID 254 is not found in English CWE Dict [Jan 5 23:13:14] DEBUG [localhost] CWE-ID 399 is not found in English CWE Dict [Jan 5 23:13:14] DEBUG [localhost] CWE-ID 1230 is not found in English CWE Dict [Jan 5 23:13:14] DEBUG [localhost] CWE-ID 19 is not found in English CWE Dict

The CWE IDs are not only assigned to Weakness, but also to Category and View, so they are added in this PR.

Type of change

[x] Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Checklist:

You don't have to satisfy all of the following.

[ ] Write tests

[ ] Write documentation

[x] Check that there aren't other open pull requests for the same issue/feature

[x] Format your source code by make fmt

[x] Pass the test by make test

[x] Provide verification config / commands

[x] Enable "Allow edits from maintainers" for this PR

[x] Update the messages below

Is this ready for review?: YES

Reference
How Has This Been Tested
If this Pull Request is work in progress, Add a prefix of “[WIP]” in the title.

What did you implement:

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context.

Fixes # (issue)

Type of change

Please delete options that are not relevant.

[x] Bug fix (non-breaking change which fixes an issue)

[x] New feature (non-breaking change which adds functionality)

[ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)

[ ] This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce.

Checklist:

You don't have to satisfy all of the following.

[ ] Write tests

[ ] Write documentation

[ ] Check that there aren't other open pull requests for the same issue/feature

[ ] Format your source code by make fmt

[ ] Pass the test by make test

[ ] Provide verification config / commands

[ ] Enable "Allow edits from maintainers" for this PR

[ ] Update the messages below

Is this ready for review?: NO

Reference

https://blog.github.com/2015-01-21-how-to-write-the-perfect-pull-request/
chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171
Bumps github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171.

Release notes

Sourced from github.com/aws/aws-sdk-go's releases.

Release v1.44.171 (2022-12-30)

Service Client Updates

service/cloudfront: Updates service API and documentation

Extend response headers policy to support removing headers from viewer responses

service/iotfleetwise: Updates service documentation

Release v1.44.170 (2022-12-29)

Service Client Updates

service/apigateway: Updates service documentation

Documentation updates for Amazon API Gateway

service/elasticmapreduce: Updates service API and documentation

Added GetClusterSessionCredentials API to allow Amazon SageMaker Studio to connect to EMR on EC2 clusters with runtime roles and AWS Lake Formation-based access control for Apache Spark, Apache Hive, and Presto queries.

service/secretsmanager: Updates service API and documentation

Added owning service filter, include planned deletion flag, and next rotation date response parameter in ListSecrets.

service/wisdom: Updates service API and documentation

Release v1.44.169 (2022-12-28)

Service Client Updates

service/elasticache: Updates service API and documentation

This release allows you to modify the encryption in transit setting, for existing Redis clusters. You can now change the TLS configuration of your Redis clusters without the need to re-build or re-provision the clusters or impact application availability.

service/network-firewall: Updates service API and documentation

service/rds: Updates service API, documentation, waiters, paginators, and examples

This release adds support for Custom Engine Version (CEV) on RDS Custom SQL Server.

service/route53-recovery-control-config: Updates service documentation and paginators

Release v1.44.168 (2022-12-27)

Service Client Updates

service/memorydb: Updates service API, documentation, and paginators

service/transfer: Updates service API

Add additional operations to throw ThrottlingExceptions

Release v1.44.167 (2022-12-23)

Service Client Updates

service/connect: Updates service API and documentation

service/connectparticipant: Updates service API and documentation

service/detective: Updates service API and documentation

service/fsx: Updates service API and documentation

service/inspector2: Updates service API

Release v1.44.166 (2022-12-22)

... (truncated)

Commits

eb531b5 Release v1.44.171 (2022-12-30) (#4677)

3961b07 Release v1.44.170 (2022-12-29) (#4675)

00f5d7d Release v1.44.169 (2022-12-28) (#4674)

698f054 Merge pull request #4597 from eddy-aws/main

3f9c4f2 add changelog file

5ce492c Release v1.44.168 (2022-12-27) (#4673)

811c54e Release v1.44.167 (2022-12-23) (#4671)

06491f5 Release v1.44.166 (2022-12-22) (#4670)

e845746 Release v1.44.165 (2022-12-21) (#4669)

bda5744 Release v1.44.164 (2022-12-20) (#4668)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
chore(deps): bump github.com/BurntSushi/toml from 1.2.0 to 1.2.1
Bumps github.com/BurntSushi/toml from 1.2.0 to 1.2.1.

Release notes

Sourced from github.com/BurntSushi/toml's releases.

v1.2.1

This release fixes the omitempty struct tag on an uncomparable type panicking.

Commits

74c008f Test Go 1.19; gofmt 1.19

8de7f4a Update tests a little bit and add comment

8bbca55 add a check for uncomparable empty structs

17ef72d Tweak docs to use Go 1.19 syntax

1ba7f5b Merge pull request #367 from zhsj/fix-32

473c10f Fix test on 32 bit arch

360c9e3 Don't return error on uncomparable types: just silently ignore like before

929b0a7 Merge pull request #361 from BurntSushi/p-omitempty

8d9ffad Don't panic with 'omitempty' and uncomparable type

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.2.0+incompatible
Bumps github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.2.0+incompatible.

Release notes

Sourced from github.com/Azure/azure-sdk-for-go's releases.

v67.2.0

Deprecated Packages

github.com/Azure/azure-sdk-for-go/services/preview/workloadmonitor/mgmt/2018-08-31-preview/workloadmonitor

github.com/Azure/azure-sdk-for-go/services/preview/workloadmonitor/mgmt/2020-01-13-preview/workloadmonitor

v67.1.0

Deprecated Packages

github.com/Azure/azure-sdk-for-go/services/preview/iotspaces/mgmt/2017-10-01-preview/iotspaces

v67.0.0

New Packages

github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2022-03-01/compute

github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2022-03-02/compute

github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2022-04-04/compute

github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2022-03-03/compute

github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2022-07-02/compute

github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2022-08-01/compute

github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2022-04-01/containerservice

github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2022-06-01/containerservice

github.com/Azure/azure-sdk-for-go/services/containerservice/mgmt/2022-07-01/containerservice

github.com/Azure/azure-sdk-for-go/services/cosmos-db/mgmt/2022-05-15/documentdb

github.com/Azure/azure-sdk-for-go/services/cosmos-db/mgmt/2022-08-15/documentdb

github.com/Azure/azure-sdk-for-go/services/keyvault/mgmt/2022-07-01/keyvault

github.com/Azure/azure-sdk-for-go/services/kubernetesconfiguration/mgmt/2022-07-01/kubernetesconfiguration

github.com/Azure/azure-sdk-for-go/services/network/mgmt/2022-01-01/network

github.com/Azure/azure-sdk-for-go/services/network/mgmt/2022-05-01/network

github.com/Azure/azure-sdk-for-go/services/operationalinsights/mgmt/2021-06-01/operationalinsights

github.com/Azure/azure-sdk-for-go/services/preview/keyvault/mgmt/2021-11-01-preview/keyvault

github.com/Azure/azure-sdk-for-go/services/preview/maintenance/mgmt/2021-09-01-preview/maintenance

github.com/Azure/azure-sdk-for-go/services/preview/maintenance/mgmt/2022-07-01-preview/maintenance

github.com/Azure/azure-sdk-for-go/services/preview/monitor/mgmt/2016-03-01-preview/monitorlegacy

github.com/Azure/azure-sdk-for-go/services/preview/monitor/mgmt/2021-05-01-preview/diagnostics

github.com/Azure/azure-sdk-for-go/services/preview/monitor/mgmt/2021-05-01-preview/metrics

github.com/Azure/azure-sdk-for-go/services/preview/monitor/mgmt/2022-06-01-preview/insights

github.com/Azure/azure-sdk-for-go/services/preview/monitor/mgmt/2022-10-01-preview/insights

github.com/Azure/azure-sdk-for-go/services/preview/msi/mgmt/2022-01-31-preview/msi

github.com/Azure/azure-sdk-for-go/services/preview/operationalinsights/mgmt/2022-02-01-preview/operationalinsights

github.com/Azure/azure-sdk-for-go/services/preview/resourcegraph/mgmt/2021-06-01-preview/resourcegraph

github.com/Azure/azure-sdk-for-go/services/preview/servicebus/mgmt/2022-01-01-preview/servicebus

github.com/Azure/azure-sdk-for-go/services/preview/solutions/mgmt/2018-09-01-preview/managedapplications

github.com/Azure/azure-sdk-for-go/services/preview/solutions/mgmt/2020-08-21-preview/managedapplications

github.com/Azure/azure-sdk-for-go/services/preview/solutions/mgmt/2021-02-01-preview/managedapplications

github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-01-01/privatedns

github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns

github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2017-04-01/locks

github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2020-05-01/locks

github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2021-01-01/resources

github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2021-04-01/resources

github.com/Azure/azure-sdk-for-go/services/servicebus/mgmt/2021-11-01/servicebus

... (truncated)

Commits

e76e45c deprecated services/preview/workloadmonitor/mgmt (#19701)

db4a684 rename v67.0.1 to v67.1.0 (#19542)

7ff7f08 Release v67.0.1 (#19370)

91112b0 fix CHANGELOG.md (#19342)

e9b651b Release v67.0.0 1665469788 (#19329)

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Ubuntu kernel detection

What did you do? (required. The issue will be closed when not provided.)

install Ubuntu18.04 on Hyper-V

$ cat /etc/os-release
NAME="Ubuntu"
VERSION="18.04.6 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.6 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

$ uname -r
4.15.0-197-generic

$ dpkg-query -W -f="\${binary:Package},\${db:Status-Abbrev},\${Version},\${Source},\${source:Version}\n" | grep ^linux-
linux-base,ii ,4.5ubuntu1.7,,4.5ubuntu1.7
linux-firmware,ii ,1.173.21,,1.173.21
linux-generic,ii ,4.15.0.197.182,linux-meta,4.15.0.197.182
linux-headers-4.15.0-197,ii ,4.15.0-197.208,linux,4.15.0-197.208
linux-headers-4.15.0-197-generic,ii ,4.15.0-197.208,linux,4.15.0-197.208
linux-headers-generic,ii ,4.15.0.197.182,linux-meta,4.15.0.197.182
linux-image-4.15.0-197-generic,ii ,4.15.0-197.208,linux-signed,4.15.0-197.208
linux-image-generic,ii ,4.15.0.197.182,linux-meta,4.15.0.197.182
linux-modules-4.15.0-197-generic,ii ,4.15.0-197.208,linux,4.15.0-197.208
linux-modules-extra-4.15.0-197-generic,ii ,4.15.0-197.208,linux,4.15.0-197.208

install vulsctl

$ sudo bash install.sh

$ /usr/local/go/bin/go version
go version go1.19.3 linux/amd64
$ which vuls
/usr/local/bin/vuls
$ vuls -v
vuls-v0.21.1-build-20221115_133708_1d97e91

$ goval-dictionary fetch ubuntu 18
$ go-cve-dictionary fetch nvd

$ ll *.sqlite3
-rw-r--r-- 1 wk wk 1209712640 Nov 15 13:44 cve.sqlite3
-rw-r--r-- 1 wk wk   32186368 Nov 15 13:39 oval.sqlite3

$ cat config.toml
[servers]

[servers.localhost]
host               = "127.0.0.1"
port               = "local"
scanMode           = ["fast"]

Vuls scan/report (A)

$ vuls scan
$ vuls report -quiet | grep linux
| CVE-2022-3649    |  9.8 |  AV:N  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-23960   |  8.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2017-13165   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2018-12930   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2018-12931   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-19378   |  7.8 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-19814   |  7.8 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-11725   |  7.8 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-12362   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-39801   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-20421   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-3239    |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-20425   |  7.5 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-20429   |  7.5 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-0400    |  7.5 |  AV:N  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-14899   |  7.4 |  AV:A  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-32078   |  7.1 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-3864    |  7.0 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-39686   |  7.0 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-23041   |  7.0 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-3028    |  7.0 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2013-7445    |  6.9 |  AV:N  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2015-8553    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2016-8660    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2018-17977   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-26141   |  6.9 |  AV:A  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-26145   |  6.9 |  AV:A  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-26541   |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-27835   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-36310   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-20320   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-33061   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-33624   |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-34556   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-35477   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-39800   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-4148    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-4150    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-4159    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-4218    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-44879   |  6.9 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-0168    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-0382    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-0480    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-1263    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-1280    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-1508    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-20148   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-20166   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-20369   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-2153    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-26373   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-2663    |  6.9 |  AV:N  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-2991    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-3061    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-39188   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-39842   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-40307   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-42703   |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2018-1121    |  5.9 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2016-10723   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2017-13693   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2018-12928   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2018-12929   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-19815   |  5.5 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-12363   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-12364   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-3669    |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-0854    |  5.5 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2017-0537    |  4.7 |  AV:N  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-16230   |  4.7 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-27820   |  4.7 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2019-15213   |  4.6 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2022-20132   |  4.6 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-14304   |  4.4 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2020-35501   |  3.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-197-generic |
| CVE-2021-34981   |  3.9 |        |     |           | unfixed | linux-image-4.15.0-197-generic |

$ vuls report -quiet | grep linux | wc -l
77

Install old kernel, and reboot with old kernel

$ sudo apt install linux-image-4.15.0-22-generic

...reboot with old kernel

$ uname -r
4.15.0-22-generic

$ dpkg-query -W -f="\${binary:Package},\${db:Status-Abbrev},\${Version},\${Source},\${source:Version}\n" | grep ^linux-
linux-base,ii ,4.5ubuntu1.7,,4.5ubuntu1.7
linux-firmware,ii ,1.173.21,,1.173.21
linux-generic,ii ,4.15.0.197.182,linux-meta,4.15.0.197.182
linux-headers-4.15.0-197,ii ,4.15.0-197.208,linux,4.15.0-197.208
linux-headers-4.15.0-197-generic,ii ,4.15.0-197.208,linux,4.15.0-197.208
linux-headers-generic,ii ,4.15.0.197.182,linux-meta,4.15.0.197.182
linux-image-4.15.0-197-generic,ii ,4.15.0-197.208,linux-signed,4.15.0-197.208
linux-image-4.15.0-22-generic,ii ,4.15.0-22.24,linux-signed,4.15.0-22.24
linux-image-generic,ii ,4.15.0.197.182,linux-meta,4.15.0.197.182
linux-libc-dev:amd64,ii ,4.15.0-197.208,linux,4.15.0-197.208
linux-modules-4.15.0-197-generic,ii ,4.15.0-197.208,linux,4.15.0-197.208
linux-modules-4.15.0-22-generic,ii ,4.15.0-22.24,linux,4.15.0-22.24
linux-modules-extra-4.15.0-197-generic,ii ,4.15.0-197.208,linux,4.15.0-197.208

Vuls scan/report (B)

$ vuls scan
$ vuls report -quiet | grep linux
| CVE-2022-3649    |  9.8 |  AV:N  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-23960   |  8.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2017-13165   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2018-12930   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2018-12931   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-19378   |  7.8 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-19814   |  7.8 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-11725   |  7.8 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-12362   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-39801   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-20421   |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-3239    |  7.8 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-20425   |  7.5 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-20429   |  7.5 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-0400    |  7.5 |  AV:N  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-14899   |  7.4 |  AV:A  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-32078   |  7.1 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-3864    |  7.0 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-39686   |  7.0 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-23041   |  7.0 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-3028    |  7.0 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2013-7445    |  6.9 |  AV:N  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2015-8553    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2016-8660    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2018-17977   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-26141   |  6.9 |  AV:A  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-26145   |  6.9 |  AV:A  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-26541   |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-27835   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-36310   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-20320   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-33061   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-33624   |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-34556   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-35477   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-39800   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-4148    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-4150    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-4159    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-4218    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-44879   |  6.9 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-0168    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-0382    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-0480    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-1263    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-1280    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-1508    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-20148   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-20166   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-20369   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-2153    |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-26373   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-2663    |  6.9 |  AV:N  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-2991    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-3061    |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-39188   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-39842   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-40307   |  6.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-42703   |  6.9 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2018-1121    |  5.9 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2016-10723   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2017-13693   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2018-12928   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2018-12929   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-19815   |  5.5 |  AV:N  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-12363   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-12364   |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-3669    |  5.5 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-0854    |  5.5 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2017-0537    |  4.7 |  AV:N  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-16230   |  4.7 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-27820   |  4.7 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2019-15213   |  4.6 |  AV:L  | POC |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2022-20132   |  4.6 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-14304   |  4.4 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2020-35501   |  3.9 |  AV:L  |     |           | unfixed | linux-image-4.15.0-22-generic  |
| CVE-2021-34981   |  3.9 |        |     |           | unfixed | linux-image-4.15.0-22-generic  |

$ vuls report -quiet | grep linux | wc -l
77

What did you expect to happen?

Many vulneravilities are detected by old kernel then new kernel Fixed vulneravilities are detected at old kernel

What happened instead?

The number of vulneravilities are same Only unfixed vulneravilities are detected

Configuration (MUST fill this out):

Go version (go version):

$ /usr/local/go/bin/go version
go version go1.19.3 linux/amd64

Go environment (go env):

$ /usr/local/go/bin/go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/wk/.cache/go-build"
GOENV="/home/wk/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/wk/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/wk/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.19.3"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/dev/null"
GOWORK=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build603454895=/tmp/go-build -gno-record-gcc-switches"

Vuls environment:

$ vuls -v
vuls-v0.21.1-build-20221115_133708_1d97e91

config.toml:

$ cat config.toml
[servers]

[servers.localhost]
host               = "127.0.0.1"
port               = "local"
scanMode           = ["fast"]

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Vuls: VULnerability Scanner

Abstract

Main Features

Scan for any vulnerabilities in Linux/FreeBSD Server

High-quality scan

Scan mode

Remote, Local scan mode, Server mode

Dynamic Analysis

Scan vulnerabilities of non-OS-packages

Scan WordPress core, themes, plugins

MISC

What Vuls Doesn't Do

Document

Authors

Contribute

Stargazers over time

License

Owner

Future Corp

Comments

I got a error output as the description when running the scan.sh

WordPress Vulnerability Scan (core, plugin, theme)

WP core version

Which plugin installed

Which theme installed

Vulnerability Database

Ubuntu failed to scan vulnerable packages

Support Alpine Linux

Freebsd jails

What did you implement:

How did you implement it:

x509: certificate signed by unknown authority

Environment

Vuls

Go

Current Output

Addition Details

Expected Behavior

Actual Behavior

too many SQL variables

wrong version comparison on alpine packages

What did you do? (required. The issue will be closed when not provided.)

What did you expect to happen?

What happened instead?

Panic on packet scan

OS detection get unsuccessful in first run

What did you do? (required. The issue will be closed when not provided.)

What did you expect to happen?

What happened instead?

Steps to reproduce the behaviour

Configuration (MUST fill this out):

CentOS invalid YumRepo vuls result 「0 CVEs」

feat(cwe): add cwe-id for category and view

What did you implement:

Type of change

How Has This Been Tested?

Checklist:

Reference

How Has This Been Tested

What did you implement:

Type of change

How Has This Been Tested?

Checklist:

Reference

chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171

Release v1.44.171 (2022-12-30)

Service Client Updates

Release v1.44.170 (2022-12-29)

Service Client Updates

Release v1.44.169 (2022-12-28)

Service Client Updates

Release v1.44.168 (2022-12-27)

Service Client Updates

Release v1.44.167 (2022-12-23)

Service Client Updates

chore(deps): bump github.com/BurntSushi/toml from 1.2.0 to 1.2.1

v1.2.1

chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.2.0+incompatible

v67.2.0