Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support OS context for Programming Language CVEs #3982

Closed
Moniseeta opened this issue Apr 4, 2023 · 0 comments · Fixed by #4117
Closed

Support OS context for Programming Language CVEs #3982

Moniseeta opened this issue Apr 4, 2023 · 0 comments · Fixed by #4117
Assignees
@knqyf263
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/backlog Higher priority than priority/awaiting-more-evidence.
Milestone
v0.42.0

Comments

@Moniseeta
Copy link
Contributor

Its observed that programming language CVE may not always be vulnerable with all OSes, so it's important to store OS context also for Programming language CVE.

Example CVE: NVD - CVE-2020-0601
This CVE is ONLY applicable for Go packages running on Windows OS.

Goal

Report the vuln for the image if both PLversion and OS match is found.
@Moniseeta Moniseeta added the kind/feature Categorizes issue or PR as related to a new feature. label Apr 4, 2023
@Moniseeta Moniseeta mentioned this issue Apr 4, 2023
Closed
3 tasks
@knqyf263 knqyf263 added this to the v0.40.0 milestone Apr 4, 2023
@knqyf263 knqyf263 added the priority/backlog Higher priority than priority/awaiting-more-evidence. label Apr 4, 2023
@knqyf263 knqyf263 self-assigned this Apr 4, 2023
@knqyf263 knqyf263 modified the milestones: v0.41.0, v0.42.0 Apr 19, 2023
@knqyf263 knqyf263 mentioned this issue Apr 24, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@knqyf263 knqyf263

Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/backlog Higher priority than priority/awaiting-more-evidence.
Projects
Trivy Roadmap
Archived in project
Milestone
v0.42.0
2 participants
@knqyf263 @Moniseeta