-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| v4.8.0 | wazuh-modulesd - vulnerability scanner| Manager | Packages | TBD |
# Description
Members of th…
-
Today we have upgraded our Wazuh from 4.7 to 4.8 and received the message in vulnerability dashboard "Vulnerability detection seems to be disabled or has a problem
Please check the cluster status. Al…
-
https://github.com/nix-community/vulnix
https://github.com/DeterminateSystems/update-flake-lock
https://github.com/tiiuae/sbomnix
https://github.com/DeterminateSystems/flake-checker
-
## abstract
Since osv-scanner cannot support dnf package manager(https://github.com/google/osv-scanner/issues/999), and we are informed that osv-scanner can take output from syft (https://github.co…
-
## Description
The version regexps were enabled at #23518. But it was found that for some cases, only using a regular expression isn't enough to properly translate the version field.
Consider fo…
-
As a CSP, I want to continuously scan my running infrastructure so that I discover security issues in a timely manner.
The implementation is based on a pipeline of security tools that are executed…
-
## Description
The refactored vulnerability scanner has a QA Python test designed to verify the proper behavior of the module with different inputs. The output in case of failure was improved at #2…
-
- trivy: https://github.com/aquasecurity/vuln-list-update
- grype: https://github.com/anchore/vunnel
-
We currently support multiple sources of vulnerability intelligence, among them the NVD, OSS Index, GHSA and VulnDB. In some cases, we perform the actual vulnerability scanning (e.g. NVD, GHSA), in ot…
-
The `--delete-scanner` doesn't check if a scanner is used before deleting it. This causes GSA and the API to break.
### Expected behavior
An error message is displayed if the scanner is assigne…