ThreatMapper icon indicating copy to clipboard operation
ThreatMapper copied to clipboard

Published 20 hours ago verified publisher icon deepfence

[v2] Base OS vulnerabilities not scanned in vulnerability scan

Open jatin-baweja opened this issue 1 year ago • 2 comments

Describe the bug Base OS packages are not scanned when initiating vulnerability scan.

To Reproduce Steps to reproduce the behavior:

  1. Go to 'Topology'
  2. Click on 'Hosts' tab and click on any host in the list
  3. Click on Scan dropdown on the top right of the sidebar and select 'Start Vulnerability Scan'
  4. In the new pop-up in the sidebar, no information/checkbox to indicate that base OS vulnerabilities will be scanned.
  5. Once scan is complete, no OS vulnerabilties

Expected behavior Base OS vulnerabilities also need to be scanned for, other than language vulnerabilities

Screenshots base_vulnerabilities_checkbox_missing

Components/Services affected

  • [x] UI/Frontend
  • [x] API/Backend
  • [ ] Agent
  • [ ] Deployment/YAMLs
  • [ ] CI/CD Integration
  • [ ] Other (specify)

jatin-baweja avatar Jul 17 '23 14:07 jatin-baweja

@jatin-baweja Please elaborate on the changes you want us to make.

manV avatar Jul 18 '23 06:07 manV

@manV Need to add additional {"language": "base"} in scan_config array in start vulnerability scan request and a disabled checkbox in the UI saying OS Packages like we had earlier

jatin-baweja avatar Jul 18 '23 11:07 jatin-baweja