vuls icon indicating copy to clipboard operation
vuls copied to clipboard

Published 20 hours ago verified publisher icon future-architect

How is server/json mode expected to work for windows ?

Open maxenced opened this issue 11 months ago • 1 comments

Hi,

With latest (as of march 2024) version of vuls + gost (+gocve-dict and goval-dict), I can't find a way to get results for windows, using server mode + json. The sample provided at https://vuls.io/docs/en/usage-server.html#windows-1 is missing the packages list. I tried something like this : windows3.json but still don't get any result (even when moving all KBs as unapplied).

Anyone has a working example ?

maxenced avatar Mar 26 '24 08:03 maxenced

@maxenced

Thanks for the good questions! This was a mistake in the document. Referring to your json, you should change it as follows.

26c26
<   "release": "Windows 10 Version 22H2 for x64-based System",
---
>   "release": "Windows 10 Version 22H2 for x64-based Systems",

Running the corrected document, it looks like this

$ cat windows.json
{
  "family": "windows",
  "release": "Windows 10 Version 22H2 for x64-based Systems",
  "runningKernel": {
    "version": "10.0.19045.2546"
  },
  "windowsKB": {
    "applied": [
      "5020030"
    ],
    "unapplied": [
      "5022834"
    ]
  }
}

$ curl -X POST -H "Content-Type: application/json" -d @windows.json http://127.0.0.1:5515/vuls | jq
[
  {
    "jsonVersion": 0,
    "lang": "",
    "serverUUID": "",
    "serverName": "",
    "family": "windows",
    "release": "Windows 10 Version 22H2 for x64-based Systems",
    "container": {
      "containerID": "",
      "name": "",
      "image": "",
      "type": "",
      "uuid": ""
    },
    "platform": {
      "name": "",
      "instanceID": ""
    },
    "scannedAt": "0001-01-01T00:00:00Z",
    "scanMode": "",
    "scannedVersion": "",
    "scannedRevision": "",
    "scannedBy": "",
    "scannedVia": "",
    "reportedAt": "2024-03-26T19:10:17.762998304+09:00",
    "reportedVersion": "",
    "reportedRevision": "",
    "reportedBy": "",
    "errors": null,
    "warnings": null,
    "scannedCves": {
      "ADV220005": {
        "cveID": "ADV220005",
        "confidences": [
          {
            "score": 100,
            "detectionMethod": "WindowsUpdateSearch"
          }
        ],
        "distroAdvisories": [
          {
            "advisoryID": "KB5022282",
            "severity": "",
            "issued": "0001-01-01T00:00:00Z",
            "updated": "0001-01-01T00:00:00Z",
            "description": "Microsoft Knowledge Base"
          }
        ],
        "cveContents": {
          "microsoft": [
            {
              "type": "microsoft",
              "cveID": "ADV220005",
              "title": "Guidance on Microsoft Signed Drivers Being Used Maliciously",
...

MaineK00n avatar Mar 26 '24 10:03 MaineK00n