ubuntu/openssl needs work

AppThreat / vulnerability-db

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.

MIT License

93 stars 22 forks source link

Closed prabhu closed 1 year ago

prabhu commented 1 year ago

CVE-2022-2097 │ ubuntu/openssl │ │ 1.1.1f-1ubuntu2.8 │ 3.0.5-2ubuntu1

║ CVE-2019-1551 │ ubuntu/openssl │ │ 1.1.1f-1ubuntu2.16 │ 1.1.1.e

Image: adoptopenjdk

We need the vulnerability start location or distro detection to reduce these false positives. Range detection is a PITA for ubuntu.

prabhu commented 1 year ago

Let's keep this open and live with some percentage of false positives for ubuntu for now.