Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CVE scanner and results handling (master) #1141

Merged
merged 8 commits into from
Jun 22, 2020
Merged

Fix CVE scanner and results handling (master) #1141

merged 8 commits into from
Jun 22, 2020

Conversation

timopollmeier
Copy link
Member

@timopollmeier timopollmeier commented Jun 18, 2020
edited
Loading

This addresses the following smaller issues with the CVE scanner and results handling:

  • Results that have no entry in NVTs table with a matching OID (like CVE results) were not shown.
  • Multiple App location host details per report host could cause SQL errors (SQL query faults #1133) and generate duplicated results.

Checklist:

@timopollmeier
Remove global_current_report uses in cve_scan_host
d78dd4e 
The function should now always be called when generating a report, so
some checks can be removed and the explicit use of the global variable
is reduced.
@timopollmeier
Fix queries for results that do not match NVTs
f51cd73 
Results where the NVT field did not match any OID in the nvts table like
CVE scan results were not shown. Now an LEFT OUTER JOIN is used so the
results show up, just without NVT-specific data.
@timopollmeier
Handle multiple app locations per host in CVE scan
ba3be23 
This not only adds more of the available locations but also fixes an
SQL error that occurred because only a single matching "App" host detail
was expected.
@timopollmeier
Make make prognosis iterator results more unique
472f695 
The iterator from init_host_prognosis_iterator now discards duplicate
combinations of CVE, CPE and host in case there are multiple matching
App detection host details.
@timopollmeier
Add CVE scanner/results fix to CHANGELOG
1343bd0
@timopollmeier
Merge branch 'master' of github.com:greenbone/gvm into cve-scan-fix-m…
8645dc3 
…aster
@timopollmeier timopollmeier marked this pull request as ready for review June 18, 2020 15:36
mattmundell and others added 2 commits June 22, 2020 11:33
@mattmundell mattmundell merged commit 8317d86 into greenbone:master Jun 22, 2020
@timopollmeier timopollmeier deleted the cve-scan-fix-master branch October 15, 2021 10:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattmundell mattmundell mattmundell approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@timopollmeier @mattmundell