Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. I just had to do the final test. Many thanks to them for this!

Alternative video link (for Russia): https://vk.com/video-149273431_456239113

How can the support of these two APIs in Scanvus be useful?

  1. Now there is no binding to one vendor. Choose which service and price you prefer.
  2. The set of supported operating systems varies between Vulners.com and Vulns.io. If a particular Linux distribution is not supported by one vendor, it may be supported by another vendor.
  3. Vulners and Vulns.io implemented vulnerability checks independently of each other. If the results differ when scanning the same host/image, then implementation errors will be clearly visible.
  4. Scanvus is released under the MIT license, so you can use it as an example of working with the Vulners.com and Vulns.io APIs and use this code in your projects.

How to use it?

Basically, everything works exactly the same. You only need to specify the API you want to use in the –audit-service parameter. This can be “vulners” (default) or “vulnsio”.

Localhost

To begin, I scanned my localhost. This is a completely updated Ubuntu host. Vulners and Vulns.io did not detect security bulletin vulnerabilities there. And this is correct.

Vulners did not detect any vulnerabilities at all.

$ python3.8 scanvus.py --audit-service vulners --assessment-type localhost
  /$$$$$$$  /$$$$$$$  /$$$$$$  /$$$$$$$  /$$    /$$/$$   /$$  /$$$$$$$
 /$$_____/ /$$_____/ |____  $$| $$__  $$|  $$  /$$/ $$  | $$ /$$_____/
|  $$$$$$ | $$        /$$$$$$$| $$  \ $$ \  $$/$$/| $$  | $$|  $$$$$$ 
 \____  $$| $$       /$$__  $$| $$  | $$  \  $$$/ | $$  | $$ \____  $$
 /$$$$$$$/|  $$$$$$$|  $$$$$$$| $$  | $$   \  $/  |  $$$$$$/ /$$$$$$$/
|_______/  \_______/ \_______/|__/  |__/    \_/    \______/ |_______/ 
Getting assessment target...
  assessment_type: localhost
  host: localhost
Getting OS inventory data...
  os_name: ubuntu
  os_version: 20.04
  package_list_len: 2899
Getting vulnerability data...
Getting vulnerability report...
-------------
Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)
0 vulnerabilities were found

And Vulns.io detected some vulnerabilities.

$ python3.8 scanvus.py --audit-service vulnsio --assessment-type localhost
  /$$$$$$$  /$$$$$$$  /$$$$$$  /$$$$$$$  /$$    /$$/$$   /$$  /$$$$$$$
 /$$_____/ /$$_____/ |____  $$| $$__  $$|  $$  /$$/ $$  | $$ /$$_____/
|  $$$$$$ | $$        /$$$$$$$| $$  \ $$ \  $$/$$/| $$  | $$|  $$$$$$ 
 \____  $$| $$       /$$__  $$| $$  | $$  \  $$$/ | $$  | $$ \____  $$
 /$$$$$$$/|  $$$$$$$|  $$$$$$$| $$  | $$   \  $/  |  $$$$$$/ /$$$$$$$/
|_______/  \_______/ \_______/|__/  |__/    \_/    \______/ |_______/ 
Getting assessment target...
  assessment_type: localhost
  host: localhost
Getting OS inventory data...
  os_name: ubuntu
  os_version: 20.04
  package_list_len: 2899
Getting vulnerability data...
Getting vulnerability report...
-------------
Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)
3 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found
+---+----------+-------------+------------------+-------------------------------------------------------------------------------+
| N |  Level   |  Bulletin   |       CVE        |                                     Proof                                     |
+---+----------+-------------+------------------+-------------------------------------------------------------------------------+
| 1 | Critical | no advisory |  CVE-2021-21783  |                  apparmor-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0                  |
|   |          |             |  CVE-2022-2207   |                libapparmor1-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2020-12390  |                libapparmor1-2.13.3-7ubuntu5.1.i386 >= 0:0.0.0                 |
|   |          |             |  CVE-2021-3773   | chromium-codecs-ffmpeg-extra-1:85.0.4183.83-0ubuntu0.20.04.2.amd64 >= 0:0.0.0 |
|   |          |             |  CVE-2022-25236  |                 gstreamer1.0-libav-1.16.2-2.amd64 >= 0:0.0.0                  |
|   |          |             |  CVE-2022-24791  |          libqt5webengine-data-5.12.8+dfsg-0ubuntu1.1.all >= 0:0.0.0           |
|   |          |             |  CVE-2019-15232  |           libqt5webengine5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2020-26972  |         libqt5webenginecore5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2020-12389  |        libqt5webenginewidgets5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2022-2042   |            firefox-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2020-13576  |       firefox-locale-en-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2022-23852  |       firefox-locale-ru-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2022-1253   |        thunderbird-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0         |
|   |          |             |  CVE-2021-29462  | thunderbird-gnome-support-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0  |
|   |          |             |  CVE-2021-30475  |   thunderbird-locale-en-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0    |
...

Why? Because Vulners and Vulns.io work differently. Vulners only detects vulnerabilities mentioned in bulletins, while Vulns.io also shows vulnerabilities for which there are no bulletins and patches that fix the vulnerability. Such vulnerabilities are grouped by severity with “no advisory” instead of a bulletin identifier. Whether you want to see vulnerabilities that you can’t fix yet is up to you.

Linux host

Next, I scanned a test upatched Debian 11 host.

$ ssh-copy-id -i  ~/.ssh/id_rsa.pub vmuser@192.168.56.105
$ ssh  -i  ~/.ssh/id_rsa.pub vmuser@192.168.56.105

In this case, vulnerabilities related to security bulletins were detected. And there are not many of them, so the reports can be easily analyzed manually.

 $ python3.8 scanvus.py --audit-service "vulners" --assessment-type "remote_ssh"  --host "192.168.56.105" --user-name "vmuser" --key-path "/home/alexander/.ssh/id_rsa.pub"
  /$$$$$$$  /$$$$$$$  /$$$$$$  /$$$$$$$  /$$    /$$/$$   /$$  /$$$$$$$
 /$$_____/ /$$_____/ |____  $$| $$__  $$|  $$  /$$/ $$  | $$ /$$_____/
|  $$$$$$ | $$        /$$$$$$$| $$  \ $$ \  $$/$$/| $$  | $$|  $$$$$$ 
 \____  $$| $$       /$$__  $$| $$  | $$  \  $$$/ | $$  | $$ \____  $$
 /$$$$$$$/|  $$$$$$$|  $$$$$$$| $$  | $$   \  $/  |  $$$$$$/ /$$$$$$$/
|_______/  \_______/ \_______/|__/  |__/    \_/    \______/ |_______/ 
Getting assessment target...
  assessment_type: remote_ssh
  host: 192.168.56.105
  user_name: vmuser
  key_path: /home/alexander/.ssh/id_rsa.pub
Getting OS inventory data...
  os_name: debian
  os_version: 11
  package_list_len: 364
Getting vulnerability data...
Getting vulnerability report...
-------------
Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)
3 vulnerabilities with levels ['High', 'Medium'] were found
+---+--------+-------------------------+----------------+------------------------------------------------------------+
| N | Level  |        Bulletin         |      CVE       |                           Proof                            |
+---+--------+-------------------------+----------------+------------------------------------------------------------+
| 1 |  High  | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 |      libc-bin 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4      |
|   |        |                         | CVE-2019-19126 |       libc6 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4        |
|   |        |                         | CVE-2019-25013 |       locales 2.31-13+deb11u3 all < 2.31-13+deb11u4        |
|   |        |                         | CVE-2020-10029 |      libc-l10n 2.31-13+deb11u3 all < 2.31-13+deb11u4       |
|   |        |                         | CVE-2020-1752  |                                                            |
|   |        |                         | CVE-2020-27618 |                                                            |
|   |        |                         | CVE-2020-6096  |                                                            |
|   |        |                         | CVE-2021-27645 |                                                            |
|   |        |                         | CVE-2021-3326  |                                                            |
|   |        |                         | CVE-2021-33574 |                                                            |
|   |        |                         | CVE-2021-35942 |                                                            |
|   |        |                         | CVE-2021-3999  |                                                            |
|   |        |                         | CVE-2022-23218 |                                                            |
|   |        |                         | CVE-2022-23219 |                                                            |
+---+--------+-------------------------+----------------+------------------------------------------------------------+
| 2 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 |    krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3    |
|   |        |                         | CVE-2021-3671  |    libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3     |
|   |        |                         | CVE-2021-44758 |   libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3   |
|   |        |                         | CVE-2022-3437  | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3  |
|   |        |                         | CVE-2022-41916 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |
|   |        |                         | CVE-2022-42898 |                                                            |
|   |        |                         | CVE-2022-44640 |                                                            |
+---+--------+-------------------------+----------------+------------------------------------------------------------+
| 3 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671  |    krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3    |
|   |        |                         | CVE-2021-44758 |    libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3     |
|   |        |                         | CVE-2022-3437  |   libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3   |
|   |        |                         | CVE-2022-41916 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3  |
|   |        |                         | CVE-2022-42898 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |
|   |        |                         | CVE-2022-44640 |                                                            |
+---+--------+-------------------------+----------------+------------------------------------------------------------+
$ python3.8 scanvus.py --audit-service "vulnsio" --assessment-type "remote_ssh"  --host "192.168.56.105" --user-name "vmuser" --key-path "/home/alexander/.ssh/id_rsa.pub"
  /$$$$$$$  /$$$$$$$  /$$$$$$  /$$$$$$$  /$$    /$$/$$   /$$  /$$$$$$$
 /$$_____/ /$$_____/ |____  $$| $$__  $$|  $$  /$$/ $$  | $$ /$$_____/
|  $$$$$$ | $$        /$$$$$$$| $$  \ $$ \  $$/$$/| $$  | $$|  $$$$$$ 
 \____  $$| $$       /$$__  $$| $$  | $$  \  $$$/ | $$  | $$ \____  $$
 /$$$$$$$/|  $$$$$$$|  $$$$$$$| $$  | $$   \  $/  |  $$$$$$/ /$$$$$$$/
|_______/  \_______/ \_______/|__/  |__/    \_/    \______/ |_______/ 
Getting assessment target...
  assessment_type: remote_ssh
  host: 192.168.56.105
  user_name: vmuser
  key_path: /home/alexander/.ssh/id_rsa.pub
Getting OS inventory data...
  os_name: debian
  os_version: 11
  package_list_len: 364
Getting vulnerability data...
Getting vulnerability report...
-------------
Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)
7 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found
+---+----------+-------------+------------------+----------------------------------------------------------------+
| N |  Level   |  Bulletin   |       CVE        |                             Proof                              |
+---+----------+-------------+------------------+----------------------------------------------------------------+
| 1 | Critical | DSA-5236-1  |  CVE-2022-40674  |     libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u4      |
+---+----------+-------------+------------------+----------------------------------------------------------------+
| 2 | Critical | no advisory |  CVE-2022-23303  |              apparmor-2.13.6-10.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2021-45952  |            libapparmor1-2.13.6-10.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-3491   |               bluetooth-5.55-3.1.all >= 0:0.0.0                |
|   |          |             |  CVE-2020-27619  |                bluez-5.55-3.1.amd64 >= 0:0.0.0                 |
|   |          |             |  CVE-2021-43400  |            libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2021-29921  |             busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-37454  |              dnsmasq-base-2.85-1.amd64 >= 0:0.0.0              |
|   |          |             | CVE-2019-1010022 |           libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2005-2541   |            libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0            |
|   |          |             |  CVE-2021-45957  |             libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-46908  |             locales-2.31-13+deb11u3.all >= 0:0.0.0             |
|   |          |             |  CVE-2021-42377  |           libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2021-46848  |         libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1         |
|   |          |             |  CVE-2022-23304  |         libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2019-8457   |          libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2022-2210   |               python3.9-3.9.2-1.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2022-2042   |           python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2022-1586   |             libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2021-45954  |         libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1         |
|   |          |             |  CVE-2022-1587   |                tar-1.34+dfsg-1.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2021-45953  |         vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0         |
|   |          |             |  CVE-2016-1585   |         vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0         |
|   |          |             |  CVE-2021-45955  |           xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2021-45956  |           wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2021-45951  |                                                                |
|   |          |             |  CVE-2015-20107  |                                                                |
|   |          |             |  CVE-2022-2207   |                                                                |
|   |          |             |  CVE-2022-0318   |                                                                |
|   |          |             |  CVE-2022-1927   |                                                                |
+---+----------+-------------+------------------+----------------------------------------------------------------+
| 3 |   High   | DSA-5207-1  |  CVE-2022-26373  |  linux-image-5.10.0-16-amd64-5.10.127-2.amd64 < 0:5.10.136-1   |
|   |          |             |  CVE-2022-2585   |                                                                |
|   |          |             |  CVE-2022-23816  |                                                                |
|   |          |             |  CVE-2022-2588   |                                                                |
|   |          |             |  CVE-2022-29901  |                                                                |
|   |          |             |  CVE-2022-36946  |                                                                |
|   |          |             |  CVE-2022-2586   |                                                                |
|   |          |             |  CVE-2022-29900  |                                                                |
|   |          |             |  CVE-2022-36879  |                                                                |
+---+----------+-------------+------------------+----------------------------------------------------------------+
| 4 |   High   | DSA-5235-1  |  CVE-2022-3080   | bind9-dnsutils-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |
|   |          |             |  CVE-2022-38177  |   bind9-host-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1   |
|   |          |             |  CVE-2022-2795   |   bind9-libs-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1   |
|   |          |             |  CVE-2022-38178  |                                                                |
+---+----------+-------------+------------------+----------------------------------------------------------------+
| 5 |   High   | no advisory |  CVE-2022-1616   |            bash-completion-1:2.11-2.all >= 0:0.0.0             |
|   |          |             |  CVE-2022-31782  |               bluetooth-5.55-3.1.all >= 0:0.0.0                |
|   |          |             |  CVE-2022-0361   |                bluez-5.55-3.1.amd64 >= 0:0.0.0                 |
|   |          |             |  CVE-2020-15778  |            libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-3534   |             busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2021-28831  |               cpio-2.13+dfsg-4.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2022-43680  |              dnsmasq-base-2.85-1.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2022-43551  |              e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2022-0629   |             libcom-err2-1.46.2-2.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2022-2284   |              libext2fs2-1.46.2-2.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2021-4173   |                libss2-1.46.2-2.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2022-0729   |               logsave-1.46.2-2.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2021-3999   |          grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1          |
|   |          |             |  CVE-2022-2206   |            grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1            |
|   |          |             |  CVE-2021-3903   |          grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1          |
|   |          |             |  CVE-2022-1733   |         grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1          |
|   |          |             |  CVE-2022-1851   |               iptables-1.8.7-1.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2019-19378  |               libip4tc2-1.8.7-1.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2016-9918   |               libip6tc2-1.8.7-1.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2021-42385  |             libxtables12-1.8.7-1.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2022-2581   |          krb5-locales-1.18.3-6+deb11u1.all >= 0:0.0.0          |
|   |          |             |  CVE-2021-42384  |       libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 >= 0:0.0.0       |
|   |          |             |  CVE-2021-39537  |         libk5crypto3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0         |
|   |          |             |  CVE-2022-42919  |          libkrb5-3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2021-3973   |       libkrb5support0-1.18.3-6+deb11u1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2022-2129   |                libbpf0-1:0.3-2.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2021-4136   |           libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2017-15131  |            libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0            |
|   |          |             |  CVE-2022-3176   |             libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-2344   |             locales-2.31-13+deb11u3.all >= 0:0.0.0             |
|   |          |             |  CVE-2021-3697   |      libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0       |
|   |          |             |  CVE-2017-7246   |     libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u5      |
|   |          |             |  CVE-2020-26560  |      libfreetype6-2.10.4+dfsg-1+deb11u1.amd64 >= 0:0.0.0       |
|   |          |             |  CVE-2020-26559  |              libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2021-39686  |            libjansson4-2.13.1-1.1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-1247   |      libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0      |
|   |          |             |  CVE-2021-42382  |      libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0       |
|   |          |             |  CVE-2017-17740  |          libncurses6-6.2+20201114-2.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2020-36325  |          libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2022-2257   |           libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2022-1154   |           ncurses-base-6.2+20201114-2.all >= 0:0.0.0           |
|   |          |             |  CVE-2022-0392   |          ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2022-3297   |           ncurses-term-6.2+20201114-2.all >= 0:0.0.0           |
|   |          |             |  CVE-2021-4192   |              libpcre3-2:8.39-13.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2022-2287   |         libperl5.32-5.32.1-4+deb11u2.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2022-0408   |             perl-5.32.1-4+deb11u2.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-2571   |          perl-base-5.32.1-4+deb11u2.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2022-0393   |       perl-modules-5.32-5.32.1-4+deb11u2.all >= 0:0.0.0        |
|   |          |             |  CVE-2022-1619   |     libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0      |
|   |          |             |  CVE-2017-7245   |    libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2022-2345   |         policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2022-1886   |         libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2021-4204   |          libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2022-0943   |               python3.9-3.9.2-1.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2022-2264   |           python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2022-0359   |             libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-0572   |    linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2022-0391   |    linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2017-11164  |         linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2022-0413   |                login-1:4.8.1-1.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2021-3974   |               passwd-1:4.8.1-1.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2022-1769   |       openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2021-42378  |       openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2022-0554   |     openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2022-2175   |            python3-httplib2-0.18.1-3.all >= 0:0.0.0            |
|   |          |             |  CVE-2022-0685   |         vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0         |
|   |          |             |  CVE-2022-1621   |         vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0         |
|   |          |             |  CVE-2021-36690  |           xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0            |
|   |          |             | CVE-2019-1010023 |             xdg-user-dirs-0.17-2.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2022-2946   |                                                                |
|   |          |             |  CVE-2018-20796  |                                                                |
|   |          |             |  CVE-2021-38185  |                                                                |
|   |          |             |  CVE-2018-6829   |                                                                |
|   |          |             |  CVE-2022-3424   |                                                                |
|   |          |             |  CVE-2021-21240  |                                                                |
|   |          |             |  CVE-2022-1735   |                                                                |
|   |          |             |  CVE-2022-0204   |                                                                |
|   |          |             |  CVE-2019-9192   |                                                                |
|   |          |             |  CVE-2016-9917   |                                                                |
|   |          |             |  CVE-2022-2849   |                                                                |
|   |          |             |  CVE-2022-2304   |                                                                |
|   |          |             |  CVE-2022-0407   |                                                                |
|   |          |             |  CVE-2021-3737   |                                                                |
|   |          |             |  CVE-2022-2602   |                                                                |
|   |          |             |  CVE-2022-1898   |                                                                |
|   |          |             |  CVE-2022-2845   |                                                                |
|   |          |             |  CVE-2022-0417   |                                                                |
|   |          |             |  CVE-2022-1882   |                                                                |
|   |          |             |  CVE-2013-7445   |                                                                |
|   |          |             |  CVE-2019-20838  |                                                                |
|   |          |             |  CVE-2021-42386  |                                                                |
|   |          |             |  CVE-2022-2289   |                                                                |
|   |          |             |  CVE-2022-1304   |                                                                |
|   |          |             |  CVE-2022-2889   |                                                                |
|   |          |             |  CVE-2022-1629   |                                                                |
|   |          |             |  CVE-2021-41617  |                                                                |
|   |          |             |  CVE-2022-2183   |                                                                |
|   |          |             |  CVE-2022-0351   |                                                                |
|   |          |             |  CVE-2020-11725  |                                                                |
|   |          |             |  CVE-2021-4166   |                                                                |
|   |          |             |  CVE-2022-2817   |                                                                |
|   |          |             |  CVE-2020-26557  |                                                                |
|   |          |             |  CVE-2022-29458  |                                                                |
|   |          |             |  CVE-2021-3968   |                                                                |
|   |          |             |  CVE-2022-25265  |                                                                |
|   |          |             |  CVE-2019-19070  |                                                                |
|   |          |             |  CVE-2021-4037   |                                                                |
|   |          |             |  CVE-2019-12456  |                                                                |
|   |          |             |  CVE-2019-19882  |                                                                |
|   |          |             |  CVE-2021-33560  |                                                                |
|   |          |             |  CVE-2022-2522   |                                                                |
|   |          |             |  CVE-2022-2182   |                                                                |
|   |          |             |  CVE-2012-2663   |                                                                |
|   |          |             |  CVE-2022-1796   |                                                                |
|   |          |             |  CVE-2022-2862   |                                                                |
|   |          |             |  CVE-2022-2286   |                                                                |
|   |          |             |  CVE-2020-16156  |                                                                |
|   |          |             |  CVE-2022-1942   |                                                                |
|   |          |             |  CVE-2022-1679   |                                                                |
|   |          |             |  CVE-2021-26934  |                                                                |
|   |          |             | CVE-2018-1000500 |                                                                |
|   |          |             |  CVE-2008-4609   |                                                                |
|   |          |             |  CVE-2019-19449  |                                                                |
|   |          |             |  CVE-2021-42381  |                                                                |
|   |          |             |  CVE-2022-0368   |                                                                |
|   |          |             |  CVE-2022-1720   |                                                                |
|   |          |             |  CVE-2022-2125   |                                                                |
|   |          |             |  CVE-2021-3847   |                                                                |
|   |          |             |  CVE-2022-4139   |                                                                |
|   |          |             |  CVE-2022-4378   |                                                                |
|   |          |             |  CVE-2022-1620   |                                                                |
|   |          |             |  CVE-2021-3872   |                                                                |
|   |          |             |  CVE-2022-2126   |                                                                |
|   |          |             |  CVE-2022-0934   |                                                                |
|   |          |             |  CVE-2021-3928   |                                                                |
|   |          |             |  CVE-2022-2000   |                                                                |
|   |          |             |  CVE-2021-42383  |                                                                |
|   |          |             |  CVE-2022-2816   |                                                                |
|   |          |             |  CVE-2021-3984   |                                                                |
|   |          |             |  CVE-2019-19814  |                                                                |
|   |          |             |  CVE-2022-28733  |                                                                |
|   |          |             |  CVE-2021-3927   |                                                                |
|   |          |             |  CVE-2020-12362  |                                                                |
|   |          |             |  CVE-2018-5709   |                                                                |
|   |          |             |  CVE-2011-4116   |                                                                |
|   |          |             |  CVE-2022-35737  |                                                                |
|   |          |             |  CVE-2022-30065  |                                                                |
|   |          |             |  CVE-2022-28734  |                                                                |
|   |          |             |  CVE-2018-7738   |                                                                |
|   |          |             |  CVE-2021-4187   |                                                                |
|   |          |             |  CVE-2021-4069   |                                                                |
|   |          |             |  CVE-2016-2568   |                                                                |
|   |          |             |  CVE-2022-2343   |                                                                |
|   |          |             |  CVE-2021-32078  |                                                                |
|   |          |             |  CVE-2021-28861  |                                                                |
|   |          |             |  CVE-2021-42380  |                                                                |
|   |          |             |  CVE-2022-2819   |                                                                |
|   |          |             |  CVE-2022-1785   |                                                                |
|   |          |             |  CVE-2021-3864   |                                                                |
|   |          |             |  CVE-2022-0443   |                                                                |
|   |          |             |  CVE-2022-2124   |                                                                |
|   |          |             |  CVE-2021-4019   |                                                                |
|   |          |             |  CVE-2022-1968   |                                                                |
|   |          |             |  CVE-2022-28391  |                                                                |
|   |          |             |  CVE-2022-0500   |                                                                |
|   |          |             |  CVE-2022-3775   |                                                                |
|   |          |             |  CVE-2022-1897   |                                                                |
|   |          |             |  CVE-2022-0261   |                                                                |
|   |          |             |  CVE-2021-42379  |                                                                |
|   |          |             |  CVE-2022-2285   |                                                                |
+---+----------+-------------+------------------+----------------------------------------------------------------+
| 6 |  Medium  | DSA-5251-1  |  CVE-2022-2929   |     isc-dhcp-client-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1      |
|   |          |             |  CVE-2022-2928   |     isc-dhcp-common-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1      |
+---+----------+-------------+------------------+----------------------------------------------------------------+
| 7 |  Medium  | no advisory |  CVE-2019-12380  |          avahi-autoipd-0.8-5.amd64 < 0:0.8-5+deb11u1           |
|   |          |             |  CVE-2021-42376  |              bash-5.1-2+deb11u1.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2019-16234  |               bluetooth-5.55-3.1.all >= 0:0.0.0                |
|   |          |             |  CVE-2022-3586   |                bluez-5.55-3.1.amd64 >= 0:0.0.0                 |
|   |          |             |  CVE-2008-5367   |            libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-1674   |        bsdextrautils-2.36.1-8+deb11u1.amd64 >= 0:0.0.0         |
|   |          |             |  CVE-2021-31879  |          bsdutils-1:2.36.1-8+deb11u1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2018-15919  |            eject-2.36.1-8+deb11u1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-1771   |            fdisk-2.36.1-8+deb11u1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2020-36516  |          libblkid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2022-1280   |          libfdisk1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2021-3669   |          libmount1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2010-5321   |        libsmartcols1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0         |
|   |          |             |  CVE-2007-6755   |           libuuid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2020-15719  |            mount-2.36.1-8+deb11u1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2021-42374  |          util-linux-2.36.1-8+deb11u1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2022-28736  |             busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2016-9804   |              coreutils-8.32-4+b1.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2021-42375  |          grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1          |
|   |          |             |  CVE-2021-3696   |            grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1            |
|   |          |             |  CVE-2018-17977  |          grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1          |
|   |          |             |  CVE-2022-0156   |         grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1          |
|   |          |             |  CVE-2022-3542   |              initramfs-tools-0.140.all >= 0:0.0.0              |
|   |          |             |  CVE-2016-9799   |           initramfs-tools-core-0.140.all >= 0:0.0.0            |
|   |          |             |  CVE-2011-3389   |     krb5-locales-1.18.3-6+deb11u1.all < 0:1.18.3-6+deb11u3     |
|   |          |             |  CVE-2020-26555  |  libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3  |
|   |          |             |  CVE-2019-16229  |    libk5crypto3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3    |
|   |          |             |  CVE-2020-24504  |     libkrb5-3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3      |
|   |          |             |  CVE-2017-16231  |  libkrb5support0-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3   |
|   |          |             |  CVE-2021-4193   |                libbpf0-1:0.3-2.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2022-2874   |           libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2012-4542   |            libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0            |
|   |          |             |  CVE-2022-3715   |             libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2013-4235   |             locales-2.31-13+deb11u3.all >= 0:0.0.0             |
|   |          |             |  CVE-2016-9798   |      libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0       |
|   |          |             |  CVE-2020-0347   |          libexpat1-2.2.10-2+deb11u3.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2021-22923  |             libglib2.0-0-2.66.8-1.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2017-14159  |            libglib2.0-data-2.66.8-1.all >= 0:0.0.0             |
|   |          |             |  CVE-2021-3468   |          libgnutls30-3.7.1-5+deb11u2.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2008-5366   |      libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0      |
|   |          |             |  CVE-2012-0039   |      libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0       |
|   |          |             |  CVE-2020-14145  |            libnss-systemd-247.3-7.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2017-18018  |            libpam-systemd-247.3-7.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2022-4415   |              libsystemd0-247.3-7.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2021-44879  |               libudev1-247.3-7.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2021-3502   |                systemd-247.3-7.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2022-4095   |             systemd-sysv-247.3-7.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2022-1420   |           systemd-timesyncd-247.3-7.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2016-3709   |                 udev-247.3-7.amd64 >= 0:0.0.0                  |
|   |          |             |  CVE-2019-15794  |              libpcre3-2:8.39-13.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2022-0213   |             libpng16-16-1.6.37-3.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2022-42328  |     libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0      |
|   |          |             |  CVE-2022-42329  |    libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2022-42898  |         policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2015-3276   |           libprotobuf-c1-1.3.3-1+b2.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2011-4917   |         libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2010-4756   |          libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0          |
|   |          |             |  CVE-2021-4189   |               python3.9-3.9.2-1.amd64 >= 0:0.0.0               |
|   |          |             |  CVE-2019-16233  |           python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2022-2231   |             libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0             |
|   |          |             |  CVE-2021-4214   |          libssl1.1-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2014-9892   |           openssl-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2008-4677   |        libxml2-2.9.10+dfsg-6.7+deb11u2.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2008-4996   |    linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2020-12364  |    linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2022-2598   |         linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0          |
|   |          |             | CVE-2017-1000382 |                login-1:4.8.1-1.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2021-3426   |               passwd-1:4.8.1-1.amd64 >= 0:0.0.0                |
|   |          |             |  CVE-2010-0928   |       openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2022-2097   |       openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0        |
|   |          |             |  CVE-2017-13084  |     openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0     |
|   |          |             |  CVE-2008-5135   |                os-prober-1.79.amd64 >= 0:0.0.0                 |
|   |          |             |  CVE-2016-9803   |                 ppp-2.4.9-1+1.amd64 >= 0:0.0.0                 |
|   |          |             |  CVE-2015-3243   |          rsyslog-8.2102.0-2+deb11u1.amd64 >= 0:0.0.0           |
|   |          |             |  CVE-2017-0630   |         vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0         |
|   |          |             |  CVE-2007-2768   |         vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0         |
|   |          |             |  CVE-2021-45941  |           xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2016-10723  |              wget-1.21-1+deb11u1.amd64 >= 0:0.0.0              |
|   |          |             |  CVE-2022-3857   |           wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0            |
|   |          |             |  CVE-2021-3658   |                                                                |
|   |          |             |  CVE-2020-26142  |                                                                |
|   |          |             |  CVE-2022-2208   |                                                                |
|   |          |             |  CVE-2022-2873   |                                                                |
|   |          |             |  CVE-2021-45346  |                                                                |
|   |          |             |  CVE-2022-4662   |                                                                |
|   |          |             |  CVE-2022-0714   |                                                                |
|   |          |             |  CVE-2021-4023   |                                                                |
|   |          |             |  CVE-2007-5686   |                                                                |
|   |          |             |  CVE-2019-6129   |                                                                |
|   |          |             |  CVE-2022-3061   |                                                                |
|   |          |             |  CVE-2022-0171   |                                                                |
|   |          |             |  CVE-2020-12363  |                                                                |
|   |          |             |  CVE-2022-33070  |                                                                |
|   |          |             |  CVE-2017-13694  |                                                                |
|   |          |             |  CVE-2021-3714   |                                                                |
|   |          |             |  CVE-2022-1184   |                                                                |
|   |          |             |  CVE-2020-26143  |                                                                |
|   |          |             | CVE-2019-1010025 |                                                                |
|   |          |             |  CVE-2020-13529  |                                                                |
|   |          |             |  CVE-2019-16089  |                                                                |
|   |          |             |  CVE-2022-0563   |                                                                |
|   |          |             |  CVE-2019-15213  |                                                                |
|   |          |             |  CVE-2019-12379  |                                                                |
|   |          |             |  CVE-2014-9900   |                                                                |
|   |          |             |  CVE-2022-2923   |                                                                |
|   |          |             |  CVE-2019-5062   |                                                                |
|   |          |             |  CVE-2021-30004  |                                                                |
|   |          |             |  CVE-2016-9797   |                                                                |
|   |          |             |  CVE-2016-9801   |                                                                |
|   |          |             |  CVE-2017-13693  |                                                                |
|   |          |             |  CVE-2007-2243   |                                                                |
|   |          |             |  CVE-2019-6110   |                                                                |
|   |          |             |  CVE-2022-0696   |                                                                |
|   |          |             |  CVE-2019-12381  |                                                                |
|   |          |             |  CVE-2021-4115   |                                                                |
|   |          |             |  CVE-2019-16231  |                                                                |
|   |          |             |  CVE-2019-12382  |                                                                |
|   |          |             |  CVE-2022-3344   |                                                                |
|   |          |             |  CVE-2020-14304  |                                                                |
|   |          |             |  CVE-2022-23825  |                                                                |
|   |          |             |  CVE-2019-12455  |                                                                |
|   |          |             |  CVE-2004-0230   |                                                                |
|   |          |             |  CVE-2022-3707   |                                                                |
|   |          |             |  CVE-2019-16230  |                                                                |
|   |          |             | CVE-2019-1010024 |                                                                |
|   |          |             |  CVE-2020-26140  |                                                                |
|   |          |             |  CVE-2016-20012  |                                                                |
|   |          |             |  CVE-2021-22922  |                                                                |
|   |          |             |  CVE-2021-3759   |                                                                |
|   |          |             |  CVE-2022-0480   |                                                                |
|   |          |             |  CVE-2011-4916   |                                                                |
|   |          |             |  CVE-2005-3660   |                                                                |
|   |          |             |  CVE-2010-4563   |                                                                |
|   |          |             |  CVE-2016-8660   |                                                                |
|   |          |             |  CVE-2008-3234   |                                                                |
|   |          |             |  CVE-2013-0340   |                                                                |
|   |          |             |  CVE-2019-20794  |                                                                |
|   |          |             |  CVE-2016-2781   |                                                                |
|   |          |             |  CVE-2019-16232  |                                                                |
|   |          |             |  CVE-2021-33061  |                                                                |
|   |          |             |  CVE-2022-3628   |                                                                |
|   |          |             |  CVE-2018-12928  |                                                                |
|   |          |             |  CVE-2022-28735  |                                                                |
|   |          |             |  CVE-2018-1121   |                                                                |
|   |          |             |  CVE-2022-1462   |                                                                |
|   |          |             |  CVE-2022-43552  |                                                                |
|   |          |             |  CVE-2016-9800   |                                                                |
|   |          |             |  CVE-2019-12378  |                                                                |
|   |          |             |  CVE-2021-4149   |                                                                |
|   |          |             |  CVE-2011-4915   |                                                                |
|   |          |             |  CVE-2020-15802  |                                                                |
|   |          |             |  CVE-2021-45940  |                                                                |
|   |          |             |  CVE-2022-2153   |                                                                |
|   |          |             |  CVE-2022-4543   |                                                                |
|   |          |             |  CVE-2021-41229  |                                                                |
|   |          |             |  CVE-2008-2544   |                                                                |
|   |          |             |  CVE-2016-9802   |                                                                |
|   |          |             |  CVE-2022-3606   |                                                                |
|   |          |             |  CVE-2022-0400   |                                                                |
|   |          |             |  CVE-2022-0319   |                                                                |
|   |          |             |  CVE-2022-21505  |                                                                |
|   |          |             |  CVE-2021-3733   |                                                                |
|   |          |             |  CVE-2021-42373  |                                                                |
|   |          |             |  CVE-2021-3695   |                                                                |
+---+----------+-------------+------------------+----------------------------------------------------------------+

And we can see that the APIs returned different detection results for the DSA/DLA bulletins. The intersection of the sets is empty.

Vulners ∖ VulnsIO: 3 {'DLA-3206-1', 'DSA-5287-1', 'DLA-3152-1'}
Vulners ∩ VulnsIO: 0 set()
VulnsIO ∖ Vulners: 4 {'DSA-5207-1', 'DSA-5235-1', 'DSA-5236-1', 'DSA-5251-1'}

At the same time, proofs look convincing at first glance. In this episode, I won’t go into why there is such a difference in Debian vulnerability detection results. Perhaps the answer is in the operation of the API, and perhaps in the collection of data from the host. I think we will solve this with colleagues from Vulners and Vulns.io. I’m just pointing out again that vulnerability detection is not that easy and it’s good when you can use several independent detection engines and compare the results.

Docker image

Next, I check the vulnerabilities for the Docker image. It is also based on Debian 11.

$ python3.8 scanvus.py --audit-service vulners --assessment-type "docker_image" --docker-image "python:3.9.6-slim-bullseye"
  /$$$$$$$  /$$$$$$$  /$$$$$$  /$$$$$$$  /$$    /$$/$$   /$$  /$$$$$$$
 /$$_____/ /$$_____/ |____  $$| $$__  $$|  $$  /$$/ $$  | $$ /$$_____/
|  $$$$$$ | $$        /$$$$$$$| $$  \ $$ \  $$/$$/| $$  | $$|  $$$$$$ 
 \____  $$| $$       /$$__  $$| $$  | $$  \  $$$/ | $$  | $$ \____  $$
 /$$$$$$$/|  $$$$$$$|  $$$$$$$| $$  | $$   \  $/  |  $$$$$$/ /$$$$$$$/
|_______/  \_______/ \_______/|__/  |__/    \_/    \______/ |_______/ 
Getting assessment target...
  assessment_type: docker_image
  docker_image: python:3.9.6-slim-bullseye
Getting OS inventory data...
  os_name: debian
  os_version: 11
  package_list_len: 105
Getting vulnerability data...
Getting vulnerability report...
-------------
Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)
22 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found
+----+----------+-------------------------+----------------+----------------------------------------------------+
| N  |  Level   |        Bulletin         |      CVE       |                       Proof                        |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 1  | Critical | DEBIAN:DLA-2904-1:6B1FD | CVE-2021-45960 |    libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1     |
|    |          |                         | CVE-2021-46143 |                                                    |
|    |          |                         | CVE-2022-22822 |                                                    |
|    |          |                         | CVE-2022-22823 |                                                    |
|    |          |                         | CVE-2022-22824 |                                                    |
|    |          |                         | CVE-2022-22825 |                                                    |
|    |          |                         | CVE-2022-22826 |                                                    |
|    |          |                         | CVE-2022-22827 |                                                    |
|    |          |                         | CVE-2022-23852 |                                                    |
|    |          |                         | CVE-2022-23990 |                                                    |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 2  | Critical | DEBIAN:DLA-3008-1:E2717 | CVE-2022-1292  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2     |
|    |          |                         |                |     openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 3  | Critical | DEBIAN:DSA-5073-1:5DBA9 | CVE-2021-45960 |    libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1     |
|    |          |                         | CVE-2021-46143 |                                                    |
|    |          |                         | CVE-2022-22822 |                                                    |
|    |          |                         | CVE-2022-22823 |                                                    |
|    |          |                         | CVE-2022-22824 |                                                    |
|    |          |                         | CVE-2022-22825 |                                                    |
|    |          |                         | CVE-2022-22826 |                                                    |
|    |          |                         | CVE-2022-22827 |                                                    |
|    |          |                         | CVE-2022-23852 |                                                    |
|    |          |                         | CVE-2022-23990 |                                                    |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 4  | Critical | DEBIAN:DSA-5139-1:0E208 | CVE-2022-1292  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2     |
|    |          |                         |                |     openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 5  | Critical | DEBIAN:DSA-5169-1:87483 | CVE-2022-2068  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3     |
|    |          |                         |                |     openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 6  |   High   | DEBIAN:DLA-2935-1:EEAAD | CVE-2022-23852 |    libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1     |
|    |          |                         | CVE-2022-25235 |                                                    |
|    |          |                         | CVE-2022-25236 |                                                    |
|    |          |                         | CVE-2022-25313 |                                                    |
|    |          |                         | CVE-2022-25315 |                                                    |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 7  |   High   | DEBIAN:DLA-3022-1:26EFE | CVE-2022-1664  |            dpkg 1.20.9 amd64 < 1.20.10             |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 8  |   High   | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 |      libc-bin 2.31-13 amd64 < 2.31-13+deb11u3      |
|    |          |                         | CVE-2019-19126 |       libc6 2.31-13 amd64 < 2.31-13+deb11u3        |
|    |          |                         | CVE-2019-25013 |                                                    |
|    |          |                         | CVE-2020-10029 |                                                    |
|    |          |                         | CVE-2020-1752  |                                                    |
|    |          |                         | CVE-2020-27618 |                                                    |
|    |          |                         | CVE-2020-6096  |                                                    |
|    |          |                         | CVE-2021-27645 |                                                    |
|    |          |                         | CVE-2021-3326  |                                                    |
|    |          |                         | CVE-2021-33574 |                                                    |
|    |          |                         | CVE-2021-35942 |                                                    |
|    |          |                         | CVE-2021-3999  |                                                    |
|    |          |                         | CVE-2022-23218 |                                                    |
|    |          |                         | CVE-2022-23219 |                                                    |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 9  |   High   | DEBIAN:DSA-4963-1:90BFC | CVE-2021-3711  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1     |
|    |          |                         | CVE-2021-3712  |     openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 10 |   High   | DEBIAN:DSA-4963-1:DA7BC | CVE-2021-3711  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1     |
|    |          |                         | CVE-2021-3712  |     openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 11 |   High   | DEBIAN:DSA-5085-1:EC5E7 | CVE-2022-25235 |    libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u2     |
|    |          |                         | CVE-2022-25236 |                                                    |
|    |          |                         | CVE-2022-25313 |                                                    |
|    |          |                         | CVE-2022-25314 |                                                    |
|    |          |                         | CVE-2022-25315 |                                                    |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 12 |   High   | DEBIAN:DSA-5085-2:292DA | CVE-2022-25236 |    libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u3     |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 13 |   High   | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664  |            dpkg 1.20.9 amd64 < 1.20.10             |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 14 |  Medium  | DEBIAN:DLA-2766-1:9EFDC | CVE-2021-3712  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1     |
|    |          |                         |                |     openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 15 |  Medium  | DEBIAN:DLA-2771-1:D1964 | CVE-2018-20217 |   libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u1   |
|    |          |                         | CVE-2018-5729  |    libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u1     |
|    |          |                         | CVE-2018-5730  | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |
|    |          |                         | CVE-2021-37750 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u1  |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 16 |  Medium  | DEBIAN:DLA-2774-1:D8CE0 | CVE-2021-3712  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1     |
|    |          |                         |                |     openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 17 |  Medium  | DEBIAN:DLA-2952-1:7651B | CVE-2019-1551  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2     |
|    |          |                         | CVE-2022-0778  |     openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 18 |  Medium  | DEBIAN:DLA-2953-1:551CB | CVE-2022-0778  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2     |
|    |          |                         |                |     openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 19 |  Medium  | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 |   libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3   |
|    |          |                         | CVE-2021-3671  |    libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3     |
|    |          |                         | CVE-2021-44758 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |
|    |          |                         | CVE-2022-3437  | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3  |
|    |          |                         | CVE-2022-41916 |                                                    |
|    |          |                         | CVE-2022-42898 |                                                    |
|    |          |                         | CVE-2022-44640 |                                                    |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 20 |  Medium  | DEBIAN:DSA-5103-1:C47DD | CVE-2021-4160  |    libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2     |
|    |          |                         | CVE-2022-0778  |     openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2      |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 21 |  Medium  | DEBIAN:DSA-5174-1:32717 | CVE-2022-34903 |       gpgv 2.2.27-2 amd64 < 2.2.27-2+deb11u2       |
+----+----------+-------------------------+----------------+----------------------------------------------------+
| 22 |  Medium  | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671  |   libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3   |
|    |          |                         | CVE-2021-44758 |    libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3     |
|    |          |                         | CVE-2022-3437  | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |
|    |          |                         | CVE-2022-41916 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3  |
|    |          |                         | CVE-2022-42898 |                                                    |
|    |          |                         | CVE-2022-44640 |                                                    |
+----+----------+-------------------------+----------------+----------------------------------------------------+
$ python3.8 scanvus.py --audit-service vulnsio --assessment-type "docker_image" --docker-image "python:3.9.6-slim-bullseye"  
  /$$$$$$$  /$$$$$$$  /$$$$$$  /$$$$$$$  /$$    /$$/$$   /$$  /$$$$$$$
 /$$_____/ /$$_____/ |____  $$| $$__  $$|  $$  /$$/ $$  | $$ /$$_____/
|  $$$$$$ | $$        /$$$$$$$| $$  \ $$ \  $$/$$/| $$  | $$|  $$$$$$ 
 \____  $$| $$       /$$__  $$| $$  | $$  \  $$$/ | $$  | $$ \____  $$
 /$$$$$$$/|  $$$$$$$|  $$$$$$$| $$  | $$   \  $/  |  $$$$$$/ /$$$$$$$/
|_______/  \_______/ \_______/|__/  |__/    \_/    \______/ |_______/ 
Getting assessment target...
  assessment_type: docker_image
  docker_image: python:3.9.6-slim-bullseye
Getting OS inventory data...
  os_name: debian
  os_version: 11
  package_list_len: 105
Getting vulnerability data...
Getting vulnerability report...
-------------
Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)
19 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found
+----+----------+-------------+------------------+--------------------------------------------------------+
| N  |  Level   |  Bulletin   |       CVE        |                         Proof                          |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 1  | Critical | DSA-4963-1  |  CVE-2021-3711   |     libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1      |
|    |          |             |  CVE-2021-3712   |      openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1       |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 2  | Critical | DSA-5073-1  |  CVE-2022-23852  |     libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u1      |
|    |          |             |  CVE-2022-23990  |                                                        |
|    |          |             |  CVE-2021-46143  |                                                        |
|    |          |             |  CVE-2022-22824  |                                                        |
|    |          |             |  CVE-2022-22827  |                                                        |
|    |          |             |  CVE-2021-45960  |                                                        |
|    |          |             |  CVE-2022-22822  |                                                        |
|    |          |             |  CVE-2022-22825  |                                                        |
|    |          |             |  CVE-2022-22823  |                                                        |
|    |          |             |  CVE-2022-22826  |                                                        |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 3  | Critical | DSA-5085-1  |  CVE-2022-25236  |     libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u2      |
|    |          |             |  CVE-2022-25314  |                                                        |
|    |          |             |  CVE-2022-25235  |                                                        |
|    |          |             |  CVE-2022-25315  |                                                        |
|    |          |             |  CVE-2022-25313  |                                                        |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 4  | Critical | DSA-5139-1  |  CVE-2022-1292   |     libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2      |
|    |          |             |                  |      openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2       |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 5  | Critical | DSA-5147-1  |  CVE-2022-1664   |             dpkg-1.20.9.amd64 < 0:1.20.10              |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 6  | Critical | DSA-5169-1  |  CVE-2022-2068   |     libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3      |
|    |          |             |                  |      openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3       |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 7  | Critical | DSA-5218-1  |  CVE-2022-37434  | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u2 |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 8  | Critical | DSA-5236-1  |  CVE-2022-40674  |     libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u4      |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 9  | Critical | no advisory |  CVE-2022-23218  |       libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3       |
|    |          |             |  CVE-2022-46908  |        libc6-2.31-13.amd64 < 0:2.31-13+deb11u3         |
|    |          |             | CVE-2019-1010022 |       libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0       |
|    |          |             |  CVE-2022-23219  |     libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1     |
|    |          |             |  CVE-2019-8457   |         libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0         |
|    |          |             |  CVE-2021-33574  |     libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1     |
|    |          |             |  CVE-2005-2541   |            tar-1.34+dfsg-1.amd64 >= 0:0.0.0            |
|    |          |             |  CVE-2022-1587   |                                                        |
|    |          |             |  CVE-2022-1586   |                                                        |
|    |          |             |  CVE-2021-46848  |                                                        |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 10 |   High   | DSA-5103-1  |  CVE-2022-0778   |     libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2      |
|    |          |             |  CVE-2021-4160   |      openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2       |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 11 |   High   | DSA-5111-1  |  CVE-2018-25032  | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u1 |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 12 |   High   | DSA-5122-1  |  CVE-2022-1271   |          gzip-1.10-4.amd64 < 0:1.10-4+deb11u1          |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 13 |   High   | DSA-5123-1  |  CVE-2022-1271   |      liblzma5-5.2.5-2.amd64 < 0:5.2.5-2.1~deb11u1      |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 14 |   High   | DSA-5200-1  |  CVE-2021-46828  |    libtirpc-common-1.3.1-1.all < 0:1.3.1-1+deb11u1     |
|    |          |             |                  |      libtirpc3-1.3.1-1.amd64 < 0:1.3.1-1+deb11u1       |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 15 |   High   | DSA-5203-1  |  CVE-2022-2509   |     libgnutls30-3.7.1-5.amd64 < 0:3.7.1-5+deb11u2      |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 16 |   High   | no advisory |  CVE-2022-29458  |          e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2018-6829   |         libcom-err2-1.46.2-2.amd64 >= 0:0.0.0          |
|    |          |             |  CVE-2021-43618  |          libext2fs2-1.46.2-2.amd64 >= 0:0.0.0          |
|    |          |             |  CVE-2019-20838  |            libss2-1.46.2-2.amd64 >= 0:0.0.0            |
|    |          |             |  CVE-2021-36690  |           logsave-1.46.2-2.amd64 >= 0:0.0.0            |
|    |          |             |  CVE-2019-19882  |       libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3       |
|    |          |             |  CVE-2011-4116   |        libc6-2.31-13.amd64 < 0:2.31-13+deb11u3         |
|    |          |             |  CVE-2022-1304   |     libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u5      |
|    |          |             |  CVE-2017-7246   |          libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0          |
|    |          |             |  CVE-2018-20796  | libgmp10-2:6.2.1+dfsg-1.amd64 < 2:6.2.1+dfsg-1+deb11u1 |
|    |          |             | CVE-2019-1010023 |       libgssapi-krb5-2-1.18.3-6.amd64 >= 0:0.0.0       |
|    |          |             |  CVE-2021-39537  |         libk5crypto3-1.18.3-6.amd64 >= 0:0.0.0         |
|    |          |             |  CVE-2020-16156  |          libkrb5-3-1.18.3-6.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2022-43680  |       libkrb5support0-1.18.3-6.amd64 >= 0:0.0.0        |
|    |          |             |  CVE-2018-5709   |      libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0      |
|    |          |             |  CVE-2019-9192   |       libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0        |
|    |          |             |  CVE-2021-3999   |       ncurses-base-6.2+20201114-2.all >= 0:0.0.0       |
|    |          |             |  CVE-2017-7245   |      ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0       |
|    |          |             |  CVE-2017-11164  |          libpcre3-2:8.39-13.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2022-35737  |         libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0         |
|    |          |             |  CVE-2021-43396  |            login-1:4.8.1-1.amd64 >= 0:0.0.0            |
|    |          |             |  CVE-2021-33560  |           passwd-1:4.8.1-1.amd64 >= 0:0.0.0            |
|    |          |             |                  |      perl-base-5.32.1-4+deb11u1.amd64 >= 0:0.0.0       |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 17 |  Medium  | DSA-5055-1  |  CVE-2021-3996   |     bsdutils-1:2.36.1-8.amd64 < 0:2.36.1-8+deb11u1     |
|    |          |             |  CVE-2021-3995   |     libblkid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1      |
|    |          |             |                  |     libmount1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1      |
|    |          |             |                  |   libsmartcols1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1    |
|    |          |             |                  |      libuuid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1      |
|    |          |             |                  |       mount-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1        |
|    |          |             |                  |     util-linux-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1     |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 18 |  Medium  | DSA-5174-1  |  CVE-2022-34903  |        gpgv-2.2.27-2.amd64 < 0:2.2.27-2+deb11u2        |
+----+----------+-------------+------------------+--------------------------------------------------------+
| 19 |  Medium  | no advisory |  CVE-2022-2097   |             bash-5.1-2+b3.amd64 >= 0:0.0.0             |
|    |          |             |  CVE-2013-4235   |          bsdutils-1:2.36.1-8.amd64 >= 0:0.0.0          |
|    |          |             | CVE-2019-1010024 |          libblkid1-2.36.1-8.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2010-0928   |          libmount1-2.36.1-8.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2021-4209   |        libsmartcols1-2.36.1-8.amd64 >= 0:0.0.0         |
|    |          |             |  CVE-2016-2781   |           libuuid1-2.36.1-8.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2017-16231  |            mount-2.36.1-8.amd64 >= 0:0.0.0             |
|    |          |             |  CVE-2022-42898  |          util-linux-2.36.1-8.amd64 >= 0:0.0.0          |
|    |          |             |  CVE-2017-18018  |          coreutils-8.32-4+b1.amd64 >= 0:0.0.0          |
|    |          |             |  CVE-2021-45346  |           libc-bin-2.31-13.amd64 >= 0:0.0.0            |
|    |          |             |  CVE-2021-37750  |             libc6-2.31-13.amd64 >= 0:0.0.0             |
|    |          |             |  CVE-2007-6755   |          libexpat1-2.2.10-2.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2010-4756   |          libgnutls30-3.7.1-5.amd64 >= 0:0.0.0          |
|    |          |             |  CVE-2013-0340   |  libgssapi-krb5-2-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1  |
|    |          |             |  CVE-2021-3997   |    libk5crypto3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1    |
|    |          |             |  CVE-2011-3389   |     libkrb5-3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1      |
|    |          |             |  CVE-2022-3715   |  libkrb5support0-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1   |
|    |          |             |  CVE-2022-0563   |          libpcre3-2:8.39-13.amd64 >= 0:0.0.0           |
|    |          |             |  CVE-2020-13529  |         libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0         |
|    |          |             |  CVE-2022-4415   |          libssl1.1-1.1.1k-1.amd64 >= 0:0.0.0           |
|    |          |             | CVE-2019-1010025 |           openssl-1.1.1k-1.amd64 >= 0:0.0.0            |
|    |          |             |  CVE-2007-5686   |         libsystemd0-247.3-6.amd64 < 0:247.3-7          |
|    |          |             |                  |           libudev1-247.3-6.amd64 < 0:247.3-7           |
|    |          |             |                  |            login-1:4.8.1-1.amd64 >= 0:0.0.0            |
|    |          |             |                  |           passwd-1:4.8.1-1.amd64 >= 0:0.0.0            |
+----+----------+-------------+------------------+--------------------------------------------------------+

In this case, more vulnerabilities were detected. We can also see a big difference in the results, but there is already some intersection of the sets.

Vulners ∖ VulnsIO: 13 {'DSA-5287-1', 'DLA-2771-1', 'DLA-2904-1', 'DLA-3022-1', 'DLA-3206-1', 'DLA-2766-1', 'DLA-2935-1', 'DLA-2774-1', 'DLA-3008-1', 'DLA-3152-1', 'DLA-2953-1', 'DSA-5085-2', 'DLA-2952-1'}
Vulners ∩ VulnsIO: 8 {'DSA-5147-1', 'DSA-5073-1', 'DSA-5174-1', 'DSA-4963-1', 'DSA-5169-1', 'DSA-5139-1', 'DSA-5085-1', 'DSA-5103-1'}
VulnsIO ∖ Vulners: 8 {'DSA-5111-1', 'DSA-5055-1', 'DSA-5123-1', 'DSA-5122-1', 'DSA-5236-1', 'DSA-5203-1', 'DSA-5218-1', 'DSA-5200-1'}

We can look at one bulletin that was detected by two APIs.

Vulners:

| 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |

Vulns.io:

| 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 |

As you can see from the proofs, the detection criteria are the same. And this is good. I would also like to draw attention to the different values of the criticality level for the bulletin. Debian does not provide a this criticality level, apparently it is calculated by the vendors based on CVSS, but in different ways.

What’s next?

As we can see, support for the Vulners.com and Vulns.io APIs in Scanvus opens up new opportunities for testing the correctness of the detection for all supported Linux distributions.

Currently, support for the Vulners.com API and support for the Vulns.io API are implemented equally, but they are implemented independently. The bash inventory scripts for each of the APIs are different. Two independent reporting functions are also used. It seems right to unify the inventory script so that the same inventory results can be checked with Vulners.com and Vulns.io. It also seems right to create a single format for presenting detection results and convert raw results from APIs into this format. This format could be used for reporting and further integrations. In this way, it will be possible to debug the scheme for adding new APIs to Scanvus.

2 thoughts on “Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

  1. Pingback: How Debian OVAL content is structured | Alexander V. Leonov

  2. Pingback: February 2024: Vulremi, Vuldetta, PT VM Course relaunch, PT TrendVulns digests, Ivanti, Fortinet, MSPT, Linux PW | Alexander V. Leonov

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.