Fetch Vulnerability Details for a Container
Shows vulnerability details for a container.
Input ParametersInput Parameters
Parameter |
Mandatory/Optional |
Data Type |
Description |
---|---|---|---|
containerSha |
Mandatory |
string |
Specify the SHA value of a specific container in the user’s scope. |
filter |
Optional |
string |
Filter the containers list by providing a query using Qualys syntax. Refer to the “How to Search” topic in the online help for assistance with creating your query. |
type |
Optional |
string |
Specify the type of information to be fetched: Summary, Details, All. |
isDrift |
Optional |
Boolean |
Specify true if you are looking for drift containers. The default value is false. |
SampleSample
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/containers/4cd72d247f99b38fa4235111431b60d6b36feaa886fda222d97c511938bd55b1/vuln?type=ALL&isDrift=false"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
Response
{
"details": {
"vulns": [
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nperl 5.18.2-2ubuntu1.1 5.18.2-2ubuntu1.6",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-12015"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197172,
"title": "Ubuntu Security Notification for Perl Vulnerability (USN-3684-1)",
"cvssInfo": {
"baseScore": "6.4",
"temporalScore": "4.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1528968142000,
"scanType": null,
"software": [
{
"name": "perl",
"version": "5.18.2-2ubuntu1.1",
"scanType": null,
"packagePath": null,
"fixVersion": "5.18.2-2ubuntu1.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc6 2.19-0ubuntu6.7 2.19-0ubuntu6.13",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-1000366"
],
"threatIntel": {
"activeAttacks": true,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": true,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196813,
"title": "Ubuntu Security Notification for Eglibc, Glibc Vulnerability (USN-3323-1) (Stack Clash)",
"cvssInfo": {
"baseScore": "7.2",
"temporalScore": "6.0",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "7.2"
},
"patchAvailable": true,
"published": 1497885555000,
"scanType": null,
"software": [
{
"name": "libc6:amd64",
"version": "2.19-0ubuntu6.7",
"scanType": null,
"packagePath": null,
"fixVersion": "2.19-0ubuntu6.13",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nperl 5.18.2-2ubuntu1.1 5.18.2-2ubuntu1.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2015-8853",
"CVE-2016-6185",
"CVE-2017-6512",
"CVE-2018-6797",
"CVE-2018-6798",
"CVE-2018-6913"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197110,
"title": "Ubuntu Security Notification for Perl Vulnerabilities (USN-3625-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1524163841000,
"scanType": null,
"software": [
{
"name": "perl",
"version": "5.18.2-2ubuntu1.1",
"scanType": null,
"packagePath": null,
"fixVersion": "5.18.2-2ubuntu1.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\neject 2.1.5+deb1+cvs20081104-13.1 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-6964"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196743,
"title": "Ubuntu Security Notification for Eject Vulnerability (USN-3246-1)",
"cvssInfo": {
"baseScore": "7.2",
"temporalScore": "5.3",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1491212441000,
"scanType": null,
"software": [
{
"name": "eject",
"version": "2.1.5+deb1+cvs20081104-13.1",
"scanType": null,
"packagePath": null,
"fixVersion": "2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibtasn1-6 3.4-3ubuntu0.4 3.4-3ubuntu0.5",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-6891"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196804,
"title": "Ubuntu Security Notification for Libtasn1-6 Vulnerability (USN-3309-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.8",
"temporalScore": "7.7"
},
"patchAvailable": true,
"published": 1496913696000,
"scanType": null,
"software": [
{
"name": "libtasn1-6:amd64",
"version": "3.4-3ubuntu0.4",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4-3ubuntu0.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nsensible-utils 0.0.9 0.0.9ubuntu0.14.04.1",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-17512"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197068,
"title": "Ubuntu Security Notification for Sensible-utils Vulnerability (USN-3584-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.8",
"temporalScore": "7.7"
},
"patchAvailable": true,
"published": 1520246106000,
"scanType": null,
"software": [
{
"name": "sensible-utils",
"version": "0.0.9",
"scanType": null,
"packagePath": null,
"fixVersion": "0.0.9ubuntu0.14.04.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ngnupg 1.4.16-1ubuntu2.3 1.4.16-1ubuntu2.6\ngpgv 1.4.16-1ubuntu2.3 1.4.16-1ubuntu2.6",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-7526"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197221,
"title": "Ubuntu Security Notification for Gnupg Vulnerability (USN-3733-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "6.8",
"temporalScore": "5.9"
},
"patchAvailable": true,
"published": 1533808990000,
"scanType": null,
"software": [
{
"name": "gpgv",
"version": "1.4.16-1ubuntu2.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.4.16-1ubuntu2.6",
"vulnerabilities": null
},
{
"name": "gnupg",
"version": "1.4.16-1ubuntu2.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.4.16-1ubuntu2.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibtasn1-6 3.4-3ubuntu0.4 3.4-3ubuntu0.6",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-10790",
"CVE-2018-6003"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197033,
"title": "Ubuntu Security Notification for Libtasn1-6 Vulnerabilities (USN-3547-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1517301069000,
"scanType": null,
"software": [
{
"name": "libtasn1-6:amd64",
"version": "3.4-3ubuntu0.4",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4-3ubuntu0.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "Vulnerable version of Npm cli detected\n\n1.3.10",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Local",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent",
"CA-Mac Agent"
],
"product": [
"npm"
],
"vendor": [
"npm"
],
"cveids": [
"CVE-2019-16775",
"CVE-2019-16776"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 372330,
"title": "npm cli unauthorized file access and arbitrary file write vulnerability",
"cvssInfo": {
"baseScore": "5.5",
"temporalScore": "4.1",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.1",
"temporalScore": "7.1"
},
"patchAvailable": true,
"published": 1579167805000,
"scanType": null,
"software": null
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nperl 5.18.2-2ubuntu1.1 5.18.2-2ubuntu1.3",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-12837",
"CVE-2017-12883"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196969,
"title": "Ubuntu Security Notification for Perl Vulnerabilities (USN-3478-1)",
"cvssInfo": {
"baseScore": "6.4",
"temporalScore": "4.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.1",
"temporalScore": "7.9"
},
"patchAvailable": true,
"published": 1510830959000,
"scanType": null,
"software": [
{
"name": "perl",
"version": "5.18.2-2ubuntu1.1",
"scanType": null,
"packagePath": null,
"fixVersion": "5.18.2-2ubuntu1.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibdbus-1-3 1.6.18-0ubuntu4.3 1.6.18-0ubuntu4.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2015-0245"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196613,
"title": "Ubuntu Security Notification for Dbus Vulnerabilities (USN-3116-1)",
"cvssInfo": {
"baseScore": "1.9",
"temporalScore": "1.5",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "0.0",
"temporalScore": "0.0"
},
"patchAvailable": true,
"published": 1478171513000,
"scanType": null,
"software": [
{
"name": "libdbus-1-3:amd64",
"version": "1.6.18-0ubuntu4.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.6.18-0ubuntu4.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibudev1 204-5ubuntu20.19 204-5ubuntu20.31\nudev 204-5ubuntu20.19 204-5ubuntu20.31",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-3842"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197424,
"title": "Ubuntu Security Notification for systemd vulnerability (USN-3938-1)",
"cvssInfo": {
"baseScore": "4.4",
"temporalScore": "3.4",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.0",
"temporalScore": "6.3"
},
"patchAvailable": true,
"published": 1554890302000,
"scanType": null,
"software": [
{
"name": "udev",
"version": "204-5ubuntu20.19",
"scanType": null,
"packagePath": null,
"fixVersion": "204-5ubuntu20.31",
"vulnerabilities": null
},
{
"name": "libudev1:amd64",
"version": "204-5ubuntu20.19",
"scanType": null,
"packagePath": null,
"fixVersion": "204-5ubuntu20.31",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.0.0 1.0.1f-1ubuntu2.19 1.0.1f-1ubuntu2.26",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-0495",
"CVE-2018-0732",
"CVE-2018-0737"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197180,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL1.0) Vulnerabilities (USN-3692-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1530183023000,
"scanType": null,
"software": [
{
"name": "libssl1.0.0:amd64",
"version": "1.0.1f-1ubuntu2.19",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1f-1ubuntu2.26",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgcrypt11 1.5.3-2ubuntu4.3 1.5.3-2ubuntu4.5",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-7526",
"CVE-2017-9526"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196840,
"title": "Ubuntu Security Notification for Libgcrypt11, Libgcrypt20 Vulnerabilities (USN-3347-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "6.8",
"temporalScore": "5.9"
},
"patchAvailable": true,
"published": 1499333161000,
"scanType": null,
"software": [
{
"name": "libgcrypt11:amd64",
"version": "1.5.3-2ubuntu4.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.5.3-2ubuntu4.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\npython2.7 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.4\npython2.7-minimal 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-1000158"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196986,
"title": "Ubuntu Security Notification for Python2.7 Vulnerability (USN-3496-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1512035809000,
"scanType": null,
"software": [
{
"name": "python2.7-minimal",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.4",
"vulnerabilities": null
},
{
"name": "python2.7",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "Vulnerable version of Npm cli detected\n\n1.3.10",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Local",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"npm"
],
"vendor": [
"npm"
],
"cveids": [
"CVE-2016-3956"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 374334,
"title": "NPM CLI Impersonation Vulnerability",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1607951689000,
"scanType": null,
"software": null
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nisc-dhcp-client 4.2.4-7ubuntu12.4 4.2.4-7ubuntu12.12",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-2774",
"CVE-2017-3144",
"CVE-2018-5732",
"CVE-2018-5733"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197069,
"title": "Ubuntu Security Notification for Isc-dhcp Vulnerabilities (USN-3586-1)",
"cvssInfo": {
"baseScore": "7.1",
"temporalScore": "5.3",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1520424687000,
"scanType": null,
"software": [
{
"name": "isc-dhcp-client",
"version": "4.2.4-7ubuntu12.4",
"scanType": null,
"packagePath": null,
"fixVersion": "4.2.4-7ubuntu12.12",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nbash 4.3-7ubuntu1.5 4.3-7ubuntu1.7",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-0634",
"CVE-2016-7543",
"CVE-2016-9401",
"CVE-2017-5932"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196789,
"title": "Ubuntu Security Notification for Bash Vulnerabilities (USN-3294-1)",
"cvssInfo": {
"baseScore": "7.2",
"temporalScore": "5.6",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "8.4",
"temporalScore": "7.3"
},
"patchAvailable": true,
"published": 1495101562000,
"scanType": null,
"software": [
{
"name": "bash",
"version": "4.3-7ubuntu1.5",
"scanType": null,
"packagePath": null,
"fixVersion": "4.3-7ubuntu1.7",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\napt 1.0.1ubuntu2.13 1.0.1ubuntu2.17",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-1252"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196653,
"title": "Ubuntu Security Notification for Apt Vulnerability (USN-3156-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.4",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.9",
"temporalScore": "5.3"
},
"patchAvailable": true,
"published": 1481795723000,
"scanType": null,
"software": [
{
"name": "apt",
"version": "1.0.1ubuntu2.13",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1ubuntu2.17",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.0.0 1.0.1f-1ubuntu2.19 1.0.1f-1ubuntu2.22",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-2177",
"CVE-2016-7055",
"CVE-2016-7056",
"CVE-2016-8610",
"CVE-2017-3731",
"CVE-2017-3732"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196677,
"title": "Ubuntu Security Notification for Openssl Vulnerabilities (USN-3181-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.9",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1486032654000,
"scanType": null,
"software": [
{
"name": "libssl1.0.0:amd64",
"version": "1.0.1f-1ubuntu2.19",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1f-1ubuntu2.22",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\npython2.7 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.5\npython2.7-minimal 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.5\npython3.4 3.4.3-1ubuntu1~14.04.3 3.4.3-1ubuntu1~14.04.7\npython3.4-minimal 3.4.3-1ubuntu1~14.04.3 3.4.3-1ubuntu1~14.04.7",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-1000030",
"CVE-2018-1000802",
"CVE-2018-1060",
"CVE-2018-1061",
"CVE-2018-14647"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197302,
"title": "Ubuntu Security Notification for Python2.7, Python3.4, Python3.5 Vulnerabilities (USN-3817-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1542276908000,
"scanType": null,
"software": [
{
"name": "python3.4",
"version": "3.4.3-1ubuntu1~14.04.3",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4.3-1ubuntu1~14.04.7",
"vulnerabilities": null
},
{
"name": "python2.7-minimal",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.5",
"vulnerabilities": null
},
{
"name": "python3.4-minimal",
"version": "3.4.3-1ubuntu1~14.04.3",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4.3-1ubuntu1~14.04.7",
"vulnerabilities": null
},
{
"name": "python2.7",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgcrypt11 1.5.3-2ubuntu4.3 1.5.3-2ubuntu4.6",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-0495"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197177,
"title": "Ubuntu Security Notification for Libgcrypt11, Libgcrypt20 Vulnerability (USN-3689-1)",
"cvssInfo": {
"baseScore": "1.9",
"temporalScore": "1.4",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "4.7",
"temporalScore": "4.1"
},
"patchAvailable": true,
"published": 1529577859000,
"scanType": null,
"software": [
{
"name": "libgcrypt11:amd64",
"version": "1.5.3-2ubuntu4.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.5.3-2ubuntu4.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\napt 1.0.1ubuntu2.13 1.0.1ubuntu2.19",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-3462"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197347,
"title": "Ubuntu Security Notification for Apt Vulnerability (USN-3863-1)",
"cvssInfo": {
"baseScore": "9.3",
"temporalScore": "6.9",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.1",
"temporalScore": "7.1"
},
"patchAvailable": true,
"published": 1548324879000,
"scanType": null,
"software": [
{
"name": "apt",
"version": "1.0.1ubuntu2.13",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1ubuntu2.19",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibexpat1 2.1.0-4ubuntu1.1 2.1.0-4ubuntu1.3",
"lastFound": "1666956928760",
"firstFound": "1666956928760",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2012-6702",
"CVE-2016-5300"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196509,
"title": "Ubuntu Security Notification for Expat Vulnerabilities (USN-3010-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.4",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1466680813000,
"scanType": null,
"software": [
{
"name": "libexpat1:amd64",
"version": "2.1.0-4ubuntu1.1",
"scanType": null,
"packagePath": null,
"fixVersion": "2.1.0-4ubuntu1.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibpng12-0 1.2.50-1ubuntu2.14.04.2 1.2.50-1ubuntu2.14.04.3",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-10087",
"CVE-2018-13785"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197200,
"title": "Ubuntu Security Notification for Libpng, Libpng1.6 Vulnerabilities (USN-3712-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1531740697000,
"scanType": null,
"software": [
{
"name": "libpng12-0:amd64",
"version": "1.2.50-1ubuntu2.14.04.2",
"scanType": null,
"packagePath": null,
"fixVersion": "1.2.50-1ubuntu2.14.04.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibffi6 3.1~rc1+r3.0.13-12ubuntu0.1 3.1~rc1+r3.0.13-12ubuntu0.2",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-1000376"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196946,
"title": "Ubuntu Security Notification for Libffi Vulnerability (USN-3454-1)",
"cvssInfo": {
"baseScore": "6.9",
"temporalScore": "5.1",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.0",
"temporalScore": "6.1"
},
"patchAvailable": true,
"published": 1508151091000,
"scanType": null,
"software": [
{
"name": "libffi6:amd64",
"version": "3.1~rc1+r3.0.13-12ubuntu0.1",
"scanType": null,
"packagePath": null,
"fixVersion": "3.1~rc1+r3.0.13-12ubuntu0.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgnutls26 2.12.23-12ubuntu2.5 2.12.23-12ubuntu2.6",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-7444",
"CVE-2016-8610",
"CVE-2017-5334",
"CVE-2017-5335",
"CVE-2017-5336",
"CVE-2017-5337"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196679,
"title": "Ubuntu Security Notification for Gnutls26, Gnutls28 Vulnerabilities (USN-3183-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.9",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1486381420000,
"scanType": null,
"software": [
{
"name": "libgnutls26:amd64",
"version": "2.12.23-12ubuntu2.5",
"scanType": null,
"packagePath": null,
"fixVersion": "2.12.23-12ubuntu2.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nperl 5.18.2-2ubuntu1.1 5.18.2-2ubuntu1.7",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-18311",
"CVE-2018-18312",
"CVE-2018-18313",
"CVE-2018-18314"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197318,
"title": "Ubuntu Security Notification for Perl Vulnerabilities (USN-3834-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1544009132000,
"scanType": null,
"software": [
{
"name": "perl",
"version": "5.18.2-2ubuntu1.1",
"scanType": null,
"packagePath": null,
"fixVersion": "5.18.2-2ubuntu1.7",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nsudo 1.8.9p5-1ubuntu1.2 1.8.9p5-1ubuntu1.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-1000367"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196799,
"title": "Ubuntu Security Notification for Sudo Vulnerability (USN-3304-1)",
"cvssInfo": {
"baseScore": "6.9",
"temporalScore": "5.4",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "6.4",
"temporalScore": "5.8"
},
"patchAvailable": true,
"published": 1496225024000,
"scanType": null,
"software": [
{
"name": "sudo",
"version": "1.8.9p5-1ubuntu1.2",
"scanType": null,
"packagePath": null,
"fixVersion": "1.8.9p5-1ubuntu1.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.0.0 1.0.1f-1ubuntu2.19 1.0.1f-1ubuntu2.24",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-0739"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197095,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerability (USN-3611-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "6.5",
"temporalScore": "5.7"
},
"patchAvailable": true,
"published": 1522319634000,
"scanType": null,
"software": [
{
"name": "libssl1.0.0:amd64",
"version": "1.0.1f-1ubuntu2.19",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1f-1ubuntu2.24",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibexpat1 2.1.0-4ubuntu1.1 2.1.0-4ubuntu1.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-9233"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196849,
"title": "Ubuntu Security Notification for Expat Vulnerability (USN-3356-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1500544684000,
"scanType": null,
"software": [
{
"name": "libexpat1:amd64",
"version": "2.1.0-4ubuntu1.1",
"scanType": null,
"packagePath": null,
"fixVersion": "2.1.0-4ubuntu1.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "EOL/Obsolete Operating System: Ubuntu 14.04.x Detected.",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 5,
"customerSeverity": 5,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 50,
"category": "Security Policy",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"ubuntu_linux"
],
"vendor": [
"ubuntu"
],
"cveids": [],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": true,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 105797,
"title": "EOL/Obsolete Operating System: Ubuntu 14.04 Detected",
"cvssInfo": {
"baseScore": "10.0",
"temporalScore": "8.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "9.0"
},
"patchAvailable": false,
"published": 1556535783000,
"scanType": null,
"software": null
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nvim-common 2:7.4.052-1ubuntu3 2:7.4.052-1ubuntu3.1",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-1248"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196636,
"title": "Ubuntu Security Notification for Vim Vulnerability (USN-3139-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1480941303000,
"scanType": null,
"software": [
{
"name": "vim-common",
"version": "2:7.4.052-1ubuntu3",
"scanType": null,
"packagePath": null,
"fixVersion": "2:7.4.052-1ubuntu3.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc6 2.19-0ubuntu6.7 2.19-0ubuntu6.14",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-1000408",
"CVE-2017-1000409",
"CVE-2017-15670",
"CVE-2017-15804",
"CVE-2017-16997",
"CVE-2017-17426",
"CVE-2018-1000001"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197022,
"title": "Ubuntu Security Notification for Eglibc, Glibc Vulnerabilities (USN-3534-1)",
"cvssInfo": {
"baseScore": "9.3",
"temporalScore": "7.3",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.8"
},
"patchAvailable": true,
"published": 1516616911000,
"scanType": null,
"software": [
{
"name": "libc6:amd64",
"version": "2.19-0ubuntu6.7",
"scanType": null,
"packagePath": null,
"fixVersion": "2.19-0ubuntu6.14",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibudev1 204-5ubuntu20.19 204-5ubuntu20.26\nudev 204-5ubuntu20.19 204-5ubuntu20.26",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-15908",
"CVE-2018-1049"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197044,
"title": "Ubuntu Security Notification for Systemd Vulnerabilities (USN-3558-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1517993874000,
"scanType": null,
"software": [
{
"name": "udev",
"version": "204-5ubuntu20.19",
"scanType": null,
"packagePath": null,
"fixVersion": "204-5ubuntu20.26",
"vulnerabilities": null
},
{
"name": "libudev1:amd64",
"version": "204-5ubuntu20.19",
"scanType": null,
"packagePath": null,
"fixVersion": "204-5ubuntu20.26",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ntar 1.27.1-1 1.27.1-1ubuntu0.1",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-6321"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196630,
"title": "Ubuntu Security Notification for Tar Vulnerability (USN-3132-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1479892137000,
"scanType": null,
"software": [
{
"name": "tar",
"version": "1.27.1-1",
"scanType": null,
"packagePath": null,
"fixVersion": "1.27.1-1ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgcrypt11 1.5.3-2ubuntu4.3 1.5.3-2ubuntu4.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-6313"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196563,
"title": "Ubuntu Security Notification for Libgcrypt11, Libgcrypt20 Vulnerability (USN-3065-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1471949675000,
"scanType": null,
"software": [
{
"name": "libgcrypt11:amd64",
"version": "1.5.3-2ubuntu4.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.5.3-2ubuntu4.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.0.0 1.0.1f-1ubuntu2.19 1.0.1f-1ubuntu2.25",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-0737"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197113,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerability (USN-3628-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.9",
"temporalScore": "5.2"
},
"patchAvailable": true,
"published": 1524468872000,
"scanType": null,
"software": [
{
"name": "libssl1.0.0:amd64",
"version": "1.0.1f-1ubuntu2.19",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1f-1ubuntu2.25",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgnutls26 2.12.23-12ubuntu2.5 2.12.23-12ubuntu2.8",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-7507",
"CVE-2017-7869"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196812,
"title": "Ubuntu Security Notification for Gnutls26, Gnutls28 Vulnerabilities (USN-3318-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1497519708000,
"scanType": null,
"software": [
{
"name": "libgnutls26:amd64",
"version": "2.12.23-12ubuntu2.5",
"scanType": null,
"packagePath": null,
"fixVersion": "2.12.23-12ubuntu2.8",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\npatch 2.7.1-4ubuntu2.3 2.7.1-4ubuntu2.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-10713",
"CVE-2018-1000156",
"CVE-2018-6951"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197109,
"title": "Ubuntu Security Notification for Patch Vulnerabilities (USN-3624-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1523956933000,
"scanType": null,
"software": [
{
"name": "patch",
"version": "2.7.1-4ubuntu2.3",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.1-4ubuntu2.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibprocps3 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3\nprocps 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-1122",
"CVE-2018-1123",
"CVE-2018-1124",
"CVE-2018-1125",
"CVE-2018-1126"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197146,
"title": "Ubuntu Security Notification for Procps Vulnerabilities (USN-3658-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.9",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.8"
},
"patchAvailable": true,
"published": 1527503933000,
"scanType": null,
"software": [
{
"name": "libprocps3:amd64",
"version": "1:3.3.9-1ubuntu2.2",
"scanType": null,
"packagePath": null,
"fixVersion": "1:3.3.9-1ubuntu2.3",
"vulnerabilities": null
},
{
"name": "procps",
"version": "1:3.3.9-1ubuntu2.2",
"scanType": null,
"packagePath": null,
"fixVersion": "1:3.3.9-1ubuntu2.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlogin 1:4.1.5.1-1ubuntu9.2 1:4.1.5.1-1ubuntu9.4\npasswd 1:4.1.5.1-1ubuntu9.2 1:4.1.5.1-1ubuntu9.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-6252",
"CVE-2017-2616"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196771,
"title": "Ubuntu Security Notification for Shadow Vulnerabilities (USN-3276-1)",
"cvssInfo": {
"baseScore": "4.6",
"temporalScore": "3.6",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1494498198000,
"scanType": null,
"software": [
{
"name": "login",
"version": "1:4.1.5.1-1ubuntu9.2",
"scanType": null,
"packagePath": null,
"fixVersion": "1:4.1.5.1-1ubuntu9.4",
"vulnerabilities": null
},
{
"name": "passwd",
"version": "1:4.1.5.1-1ubuntu9.2",
"scanType": null,
"packagePath": null,
"fixVersion": "1:4.1.5.1-1ubuntu9.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc-ares2 1.10.0-2 1.10.0-2ubuntu0.2",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-1000381"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196887,
"title": "Ubuntu Security Notification for C-ares Vulnerability (USN-3395-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1503566507000,
"scanType": null,
"software": [
{
"name": "libc-ares2:amd64",
"version": "1.10.0-2",
"scanType": null,
"packagePath": null,
"fixVersion": "1.10.0-2ubuntu0.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nbusybox-initramfs 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2011-5325",
"CVE-2014-9645",
"CVE-2015-9261",
"CVE-2016-2147",
"CVE-2016-2148",
"CVE-2017-15873",
"CVE-2017-16544",
"CVE-2018-1000517",
"CVE-2018-20679",
"CVE-2019-5747"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197418,
"title": "Ubuntu Security Notification for Busybox Vulnerabilities (USN-3935-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1554375138000,
"scanType": null,
"software": [
{
"name": "busybox-initramfs",
"version": "1:1.21.0-1ubuntu1",
"scanType": null,
"packagePath": null,
"fixVersion": "1:1.21.0-1ubuntu1.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "Vulnerable version of Npm cli detected\n\n1.3.10",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Local",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent",
"CA-Mac Agent"
],
"product": [
"npm"
],
"vendor": [
"npm"
],
"cveids": [
"CVE-2019-16777"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 372340,
"title": "npm cli arbitrary file write vulnerability",
"cvssInfo": {
"baseScore": "5.5",
"temporalScore": "4.1",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "6.5",
"temporalScore": "5.7"
},
"patchAvailable": true,
"published": 1579522349000,
"scanType": null,
"software": null
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc-ares2 1.10.0-2 1.10.0-2ubuntu0.1",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-5180"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196639,
"title": "Ubuntu Security Notification for C-ares Vulnerability (USN-3143-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1480941303000,
"scanType": null,
"software": [
{
"name": "libc-ares2:amd64",
"version": "1.10.0-2",
"scanType": null,
"packagePath": null,
"fixVersion": "1.10.0-2ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc6 2.19-0ubuntu6.7 2.19-0ubuntu6.10",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2015-5180",
"CVE-2015-8982",
"CVE-2015-8983",
"CVE-2015-8984",
"CVE-2016-1234",
"CVE-2016-3706",
"CVE-2016-4429",
"CVE-2016-5417",
"CVE-2016-6323"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196734,
"title": "Ubuntu Security Notification for Eglibc, Glibc Vulnerabilities (USN-3239-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.3",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.1",
"temporalScore": "7.1"
},
"patchAvailable": true,
"published": 1490176088000,
"scanType": null,
"software": [
{
"name": "libc6:amd64",
"version": "2.19-0ubuntu6.7",
"scanType": null,
"packagePath": null,
"fixVersion": "2.19-0ubuntu6.10",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.0.0 1.0.1f-1ubuntu2.19 1.0.1f-1ubuntu2.27",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-0734",
"CVE-2018-0735",
"CVE-2018-5407"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197324,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL1.0) Vulnerabilities (USN-3840-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.4",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.9",
"temporalScore": "5.3"
},
"patchAvailable": true,
"published": 1544438700000,
"scanType": null,
"software": [
{
"name": "libssl1.0.0:amd64",
"version": "1.0.1f-1ubuntu2.19",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1f-1ubuntu2.27",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.0.0 1.0.1f-1ubuntu2.19 1.0.1f-1ubuntu2.23",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-3735",
"CVE-2017-3736"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196966,
"title": "Ubuntu Security Notification for Openssl Vulnerabilities (USN-3475-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "6.5",
"temporalScore": "5.7"
},
"patchAvailable": true,
"published": 1510226133000,
"scanType": null,
"software": [
{
"name": "libssl1.0.0:amd64",
"version": "1.0.1f-1ubuntu2.19",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1f-1ubuntu2.23",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc6 2.19-0ubuntu6.7 2.19-0ubuntu6.8\nlibc6-dev 2.19-0ubuntu6.7 2.19-0ubuntu6.8",
"lastFound": "1666956928760",
"firstFound": "1666956928760",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2013-2207",
"CVE-2014-8121",
"CVE-2014-9761",
"CVE-2015-1781",
"CVE-2015-5277",
"CVE-2015-8776",
"CVE-2015-8777",
"CVE-2015-8778",
"CVE-2015-8779",
"CVE-2016-2856",
"CVE-2016-3075"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196484,
"title": "Ubuntu Security Notification for Eglibc, Glibc Vulnerabilities (USN-2985-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.9",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.8"
},
"patchAvailable": true,
"published": 1465209201000,
"scanType": null,
"software": [
{
"name": "libc6-dev:amd64",
"version": "2.19-0ubuntu6.7",
"scanType": null,
"packagePath": null,
"fixVersion": "2.19-0ubuntu6.8",
"vulnerabilities": null
},
{
"name": "libc6:amd64",
"version": "2.19-0ubuntu6.7",
"scanType": null,
"packagePath": null,
"fixVersion": "2.19-0ubuntu6.8",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ngnupg 1.4.16-1ubuntu2.3 1.4.16-1ubuntu2.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-6313"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196562,
"title": "Ubuntu Security Notification for Gnupg Vulnerability (USN-3064-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1471949675000,
"scanType": null,
"software": [
{
"name": "gnupg",
"version": "1.4.16-1ubuntu2.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.4.16-1ubuntu2.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nfile 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4\nlibmagic1 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2014-9620",
"CVE-2014-9621",
"CVE-2014-9653",
"CVE-2015-8865",
"CVE-2018-10360"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197174,
"title": "Ubuntu Security Notification for File Vulnerabilities (USN-3686-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.3",
"temporalScore": "6.4"
},
"patchAvailable": true,
"published": 1529319326000,
"scanType": null,
"software": [
{
"name": "file",
"version": "1:5.14-2ubuntu3.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1:5.14-2ubuntu3.4",
"vulnerabilities": null
},
{
"name": "libmagic1:amd64",
"version": "1:5.14-2ubuntu3.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1:5.14-2ubuntu3.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.0.0 1.0.1f-1ubuntu2.19 1.0.1f-1ubuntu2.20",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-2177",
"CVE-2016-2178",
"CVE-2016-2179",
"CVE-2016-2180",
"CVE-2016-2181",
"CVE-2016-2182",
"CVE-2016-2183",
"CVE-2016-6302",
"CVE-2016-6303",
"CVE-2016-6304",
"CVE-2016-6306"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196585,
"title": "Ubuntu Security Notification for Openssl Vulnerabilities (USN-3087-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.9",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1474623079000,
"scanType": null,
"software": [
{
"name": "libssl1.0.0:amd64",
"version": "1.0.1f-1ubuntu2.19",
"scanType": null,
"packagePath": null,
"fixVersion": "1.0.1f-1ubuntu2.20",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibexpat1 2.1.0-4ubuntu1.1 2.1.0-4ubuntu1.2",
"lastFound": "1666956928760",
"firstFound": "1666956928760",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-0718"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196482,
"title": "Ubuntu Security Notification for Expat Vulnerability (USN-2983-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1464000226000,
"scanType": null,
"software": [
{
"name": "libexpat1:amd64",
"version": "2.1.0-4ubuntu1.1",
"scanType": null,
"packagePath": null,
"fixVersion": "2.1.0-4ubuntu1.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibpython2.7-minimal 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.3\nlibpython2.7-stdlib 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.3\nlibpython3.4-minimal 3.4.3-1ubuntu1~14.04.3 3.4.3-1ubuntu1~14.04.5\nlibpython3.4-stdlib 3.4.3-1ubuntu1~14.04.3 3.4.3-1ubuntu1~14.04.5\npython2.7 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.3\npython2.7-minimal 2.7.6-8ubuntu0.2 2.7.6-8ubuntu0.3\npython3.4 3.4.3-1ubuntu1~14.04.3 3.4.3-1ubuntu1~14.04.5\npython3.4-minimal 3.4.3-1ubuntu1~14.04.3 3.4.3-1ubuntu1~14.04.5",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2016-0772",
"CVE-2016-1000110",
"CVE-2016-5636",
"CVE-2016-5699"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196631,
"title": "Ubuntu Security Notification for Python2.7, Python3.2, Python3.4, Python3.5 Vulnerabilities (USN-3134-1)",
"cvssInfo": {
"baseScore": "10.0",
"temporalScore": "7.8",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.8"
},
"patchAvailable": true,
"published": 1480318451000,
"scanType": null,
"software": [
{
"name": "python3.4",
"version": "3.4.3-1ubuntu1~14.04.3",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4.3-1ubuntu1~14.04.5",
"vulnerabilities": null
},
{
"name": "libpython3.4-stdlib:amd64",
"version": "3.4.3-1ubuntu1~14.04.3",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4.3-1ubuntu1~14.04.5",
"vulnerabilities": null
},
{
"name": "python2.7-minimal",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.3",
"vulnerabilities": null
},
{
"name": "libpython3.4-minimal:amd64",
"version": "3.4.3-1ubuntu1~14.04.3",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4.3-1ubuntu1~14.04.5",
"vulnerabilities": null
},
{
"name": "libpython2.7-stdlib:amd64",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.3",
"vulnerabilities": null
},
{
"name": "python3.4-minimal",
"version": "3.4.3-1ubuntu1~14.04.3",
"scanType": null,
"packagePath": null,
"fixVersion": "3.4.3-1ubuntu1~14.04.5",
"vulnerabilities": null
},
{
"name": "libpython2.7-minimal:amd64",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.3",
"vulnerabilities": null
},
{
"name": "python2.7",
"version": "2.7.6-8ubuntu0.2",
"scanType": null,
"packagePath": null,
"fixVersion": "2.7.6-8ubuntu0.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ngnupg 1.4.16-1ubuntu2.3 1.4.16-1ubuntu2.5",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-12020",
"CVE-2018-9234"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197163,
"title": "Ubuntu Security Notification for Gnupg, Gnupg2 Vulnerabilities (USN-3675-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1528888111000,
"scanType": null,
"software": [
{
"name": "gnupg",
"version": "1.4.16-1ubuntu2.3",
"scanType": null,
"packagePath": null,
"fixVersion": "1.4.16-1ubuntu2.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibdb5.3 5.3.28-3ubuntu3 5.3.28-3ubuntu3.1",
"lastFound": "1666956928761",
"firstFound": "1666956928761",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-10140"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 196980,
"title": "Ubuntu Security Notification for Db5.3 Vulnerability (USN-3489-1)",
"cvssInfo": {
"baseScore": "4.6",
"temporalScore": "3.4",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1511432315000,
"scanType": null,
"software": [
{
"name": "libdb5.3:amd64",
"version": "5.3.28-3ubuntu3",
"scanType": null,
"packagePath": null,
"fixVersion": "5.3.28-3ubuntu3.1",
"vulnerabilities": null
}
]
}
],
"driftVulns": null
},
"vulnSummary": {
"confirmed": {
"sev1Count": 0,
"sev5Count": 1,
"sev2Count": 0,
"sev4Count": 3,
"sev3Count": 53
},
"potential": {
"sev1Count": 0,
"sev5Count": 0,
"sev2Count": 0,
"sev4Count": 0,
"sev3Count": 0
},
"patchAvailability": {
"confirmed": {
"sev1Count": 0,
"sev5Count": 0,
"sev2Count": 0,
"sev4Count": 3,
"sev3Count": 53
},
"potential": {
"sev1Count": 0,
"sev5Count": 0,
"sev2Count": 0,
"sev4Count": 0,
"sev3Count": 0
}
}
}
}
Response - in the case of sub-users
The following error response is seen when the sub-users don't have permission to the specified containerSha.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}