cve-check-tool
cve-check-tool copied to clipboard
clearlinux
Original Automated CVE Checking Tool
Hello, I am running Ubuntu on an arm64 and are unable to complete the autogen.sh script. I did install the packages that are listed as missing below: `checking for malloc_trim......
The XML feeds that this tool is consuming will go away in a few months (April 2019): https://nvd.nist.gov/General/News/JSON-Feed-1-0-Release Is there any plans or work underway already to use the JSON...
nvd.nist.gov does not host the xml files anymore (see https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement) which makes the update fail and prevents the tool from running.
cve-check-update % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 182 100 182 0 0 798 0 --:--:-- --:--:-- --:--:--...
when do a cve-check-update , it errors Skipped: nvdcve-2.0-2013.xml.gz % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0...
This can quite simply be achieved via a transition to `libarchive` and then parsing the files. We'll need to know how to deal with both source and binary versions, for...
Hi, cve-check-tool as integrated into yocto cve-check feature fails to detect CVE's which match to certain SW version and previous versions. For example the systemd "0day" bug CVE says: https://nvd.nist.gov/vuln/detail/CVE-2017-1000082...
META file should have key:value lines but if the NIST NVD website is down, instead of the META file, the page describing the site being down is downloaded instead, which...
