Fetch Vulnerability Details for an Image
Shows the vulnerability details for an image.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
imageSha |
Mandatory |
string |
Specify the SHA value of a specific image in the user’s scope. |
|
filter |
Optional |
string |
Filter the images list by providing a query using Qualys syntax. Refer to the “How to Search” topic in the online help for assistance with creating your query. |
|
type |
Optional |
string |
Specify the type of information to be fetched: Summary, Details, All. |
|
sort |
Optional |
string |
Sort the results using a Qualys token. For example qid:asc. Refer to the “Sortable tokens” topic in the online help for more information. |
SampleSample
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/fddd5d9814a9393cf85f4794c6435ba00e8db8facee9bcc05d9d0846016470df/vuln?type=ALL&sort=vulnerabilities.qid%3Aasc"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
Response
{
"details": [
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc-bin 2.27-3ubuntu1 2.27-3ubuntu1.5\nlibc6 2.27-3ubuntu1 2.27-3ubuntu1.5",
"lastFound": "1669632607697",
"firstFound": "1669632607697",
"severity": 5,
"customerSeverity": 5,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 50,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"gnu"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-23218",
"CVE-2022-23219",
"CVE-2021-3998",
"CVE-2016-10228",
"CVE-2021-3326",
"CVE-2020-6096",
"CVE-2020-29562",
"CVE-2020-27618",
"CVE-2021-3999",
"CVE-2021-27645",
"CVE-2021-35942",
"CVE-2019-25013"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198685,
"title": "Ubuntu Security Notification for GNU C Library Vulnerabilities (USN-5310-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1646224274000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libc6:amd64",
"version": "2.27-3ubuntu1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.27-3ubuntu1.5",
"vulnerabilities": null
},
{
"name": "libc-bin",
"version": "2.27-3ubuntu1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.27-3ubuntu1.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ngzip 1.6-5ubuntu1 1.6-5ubuntu1.2",
"lastFound": "1669632607705",
"firstFound": "1669632607705",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"gzip"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-1271"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198742,
"title": "Ubuntu Security Notification for Gzip Vulnerability (USN-5378-1)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "8.8",
"temporalScore": "7.7"
},
"patchAvailable": true,
"published": 1649940205000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "gzip",
"version": "1.6-5ubuntu1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.6-5ubuntu1.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibpcre3 2:8.39-9 2:8.39-9ubuntu0.1",
"lastFound": "1669632607721",
"firstFound": "1669632607721",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"pcre"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-20838",
"CVE-2020-14155"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198789,
"title": "Ubuntu Security Notification for PCRE Vulnerabilities (USN-5425-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1652881620000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libpcre3:amd64",
"version": "2:8.39-9",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2:8.39-9ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibldap-2.4-2 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.5\nlibldap-common 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.5",
"lastFound": "1669632607611",
"firstFound": "1669632607611",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openldap"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-12243"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197878,
"title": "Ubuntu Security Notification for Openldap Vulnerability (USN-4352-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1589373849000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libldap-2.4-2:amd64",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "libldap-common",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nca-certificates 20180409 20190110~18.04.1",
"lastFound": "1669632607619",
"firstFound": "1669632607619",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"none"
],
"vendor": [
"ubuntu"
],
"cveids": [],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197904,
"title": "Ubuntu Security Notification for Ca-certificates Update (USN-4377-1)",
"cvssInfo": {
"baseScore": "1.9",
"temporalScore": "1.4",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "4.0",
"temporalScore": "3.5"
},
"patchAvailable": true,
"published": 1591622001000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "ca-certificates",
"version": "20180409",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "20190110~18.04.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibzstd1 1.3.3+dfsg-2ubuntu1.1 1.3.3+dfsg-2ubuntu1.2",
"lastFound": "1669632607669",
"firstFound": "1669632607669",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-24031",
"CVE-2021-24032"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198289,
"title": "Ubuntu Security Notification for Libzstd Vulnerabilities (USN-4760-1)",
"cvssInfo": {
"baseScore": "2.1",
"temporalScore": "1.6",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "5.5",
"temporalScore": "4.8"
},
"patchAvailable": true,
"published": 1616159095000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libzstd1:amd64",
"version": "1.3.3+dfsg-2ubuntu1.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.3.3+dfsg-2ubuntu1.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgnutls30 3.5.18-1ubuntu1.1 3.5.18-1ubuntu1.6",
"lastFound": "1669632607739",
"firstFound": "1669632607739",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"gnutls"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-4209",
"CVE-2022-2509"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198887,
"title": "Ubuntu Security Notification for GnuTLS Vulnerabilities (USN-5550-1)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1659963867000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libgnutls30:amd64",
"version": "3.5.18-1ubuntu1.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.5.18-1ubuntu1.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nca-certificates 20180409 20210119~18.04.1",
"lastFound": "1669632607675",
"firstFound": "1669632607675",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"ca-certificates"
],
"vendor": [
"ubuntu"
],
"cveids": [],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198248,
"title": "Ubuntu Security Notification for Ca-certificates Update (USN-4719-1)",
"cvssInfo": {
"baseScore": "0.0",
"temporalScore": "0.0",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "0.0",
"temporalScore": "0.0"
},
"patchAvailable": true,
"published": 1617713116000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "ca-certificates",
"version": "20180409",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "20210119~18.04.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibss2 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.3\nlibext2fs2 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.3\nlibcom-err2 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.3\ne2fsprogs 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.3",
"lastFound": "1669632607599",
"firstFound": "1669632607599",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"e2fsprogs"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-5188"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197763,
"title": "Ubuntu Security Notification for E2fsprogs Vulnerability (USN-4249-1)",
"cvssInfo": {
"baseScore": "4.4",
"temporalScore": "3.3",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "6.7",
"temporalScore": "5.8"
},
"patchAvailable": true,
"published": 1580122025000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libext2fs2:amd64",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "libss2:amd64",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "e2fsprogs",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "libcom-err2:amd64",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.17\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.17",
"lastFound": "1669632607715",
"firstFound": "1669632607715",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openssl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-1473",
"CVE-2022-1343",
"CVE-2022-1434",
"CVE-2022-1292"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198771,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerabilities (USN-5402-1)",
"cvssInfo": {
"baseScore": "10.0",
"temporalScore": "7.4",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1651760650000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.17",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.17",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibudev1 237-3ubuntu10.33 237-3ubuntu10.38\nlibsystemd0 237-3ubuntu10.33 237-3ubuntu10.38",
"lastFound": "1669632607605",
"firstFound": "1669632607605",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"systemd"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-16888",
"CVE-2019-20386",
"CVE-2019-3843",
"CVE-2019-3844",
"CVE-2020-1712"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": true,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197784,
"title": "Ubuntu Security Notification for Systemd Vulnerabilities (USN-4269-1)",
"cvssInfo": {
"baseScore": "4.6",
"temporalScore": "3.6",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "7.0"
},
"patchAvailable": true,
"published": 1581082642000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsystemd0:amd64",
"version": "237-3ubuntu10.33",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "237-3ubuntu10.38",
"vulnerabilities": null
},
{
"name": "libudev1:amd64",
"version": "237-3ubuntu10.33",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "237-3ubuntu10.38",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ngpg-agent 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngpg-wks-client 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngnupg-utils 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngpgconf 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngpg 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ndirmngr 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngnupg 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngpg-wks-server 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngnupg-l10n 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngpgsm 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5\ngpgv 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.5",
"lastFound": "1669632607727",
"firstFound": "1669632607727",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"gnupg"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-13050"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198808,
"title": "Ubuntu Security Notification for GnuPG Vulnerability (USN-5431-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1654003491000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "gpg-wks-client",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gnupg-l10n",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gpgv",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gpg",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gnupg",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gnupg-utils",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gpg-agent",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "dirmngr",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gpgsm",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gpgconf",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
},
{
"name": "gpg-wks-server",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibsqlite3-0 3.22.0-1ubuntu0.2 3.22.0-1ubuntu0.6",
"lastFound": "1669632607745",
"firstFound": "1669632607745",
"severity": 5,
"customerSeverity": 5,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 50,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"sqlite"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-35525",
"CVE-2021-20223",
"CVE-2020-35527"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198940,
"title": "Ubuntu Security Notification for SQLite Vulnerabilities (USN-5615-1)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1663596466000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsqlite3-0:amd64",
"version": "3.22.0-1ubuntu0.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.22.0-1ubuntu0.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibsepol1 2.7-1 2.7-1ubuntu0.1",
"lastFound": "1669632607711",
"firstFound": "1669632607711",
"severity": 2,
"customerSeverity": 2,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 20,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"libsepol"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-36086",
"CVE-2021-36087",
"CVE-2021-36084",
"CVE-2021-36085"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198754,
"title": "Ubuntu Security Notification for libsepol Vulnerabilities (USN-5391-1)",
"cvssInfo": {
"baseScore": "2.1",
"temporalScore": "1.6",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "3.3",
"temporalScore": "2.9"
},
"patchAvailable": true,
"published": 1651154591000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsepol1:amd64",
"version": "2.7-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.7-1ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.15",
"lastFound": "1669632607688",
"firstFound": "1669632607688",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2021-22945"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198501,
"title": "Ubuntu Security Notification for curl Vulnerabilities (USN-5079-1)",
"cvssInfo": {
"baseScore": "5.8",
"temporalScore": "4.3",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.1",
"temporalScore": "7.9"
},
"patchAvailable": true,
"published": 1632151224000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.15",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibldap-2.4-2 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.7\nlibldap-common 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.7",
"lastFound": "1669632607642",
"firstFound": "1669632607642",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-25692"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198143,
"title": "Ubuntu Security Notification for Openldap Vulnerability (USN-4622-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1606311270000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libldap-2.4-2:amd64",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.7",
"vulnerabilities": null
},
{
"name": "libldap-common",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.7",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.14",
"lastFound": "1669632607685",
"firstFound": "1669632607685",
"severity": 2,
"customerSeverity": 2,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 20,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-22924",
"CVE-2021-22898",
"CVE-2021-22925"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198441,
"title": "Ubuntu Security Notification for curl vulnerabilities (USN-5021-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1627911353000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.14",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nliblzma5 5.2.2-1.3 5.2.2-1.3ubuntu0.1",
"lastFound": "1669632607707",
"firstFound": "1669632607707",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"xz"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-1271"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198743,
"title": "Ubuntu Security Notification for XZ Utils Vulnerability (USN-5378-2)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "8.8",
"temporalScore": "7.7"
},
"patchAvailable": true,
"published": 1649940205000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "liblzma5:amd64",
"version": "5.2.2-1.3",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "5.2.2-1.3ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibext2fs2 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.4\nlibss2 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.4\nlibcom-err2 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.4\ne2fsprogs 1.44.1-1ubuntu1.2 1.44.1-1ubuntu1.4",
"lastFound": "1669632607730",
"firstFound": "1669632607730",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"e2fsprogs"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-1304"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198819,
"title": "Ubuntu Security Notification for E2fsprogs Vulnerability (USN-5464-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1654692428000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libext2fs2:amd64",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.4",
"vulnerabilities": null
},
{
"name": "libss2:amd64",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.4",
"vulnerabilities": null
},
{
"name": "e2fsprogs",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.4",
"vulnerabilities": null
},
{
"name": "libcom-err2:amd64",
"version": "1.44.1-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.44.1-1ubuntu1.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.20\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.20",
"lastFound": "1669632607738",
"firstFound": "1669632607738",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openssl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-2097"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198850,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerability (USN-5502-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1657111742000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.20",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.20",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibkrb5support0 1.16-2ubuntu0.1 1.16-2ubuntu0.2\nlibk5crypto3 1.16-2ubuntu0.1 1.16-2ubuntu0.2\nlibkrb5-3 1.16-2ubuntu0.1 1.16-2ubuntu0.2\nkrb5-locales 1.16-2ubuntu0.1 1.16-2ubuntu0.2\nlibgssapi-krb5-2 1.16-2ubuntu0.1 1.16-2ubuntu0.2",
"lastFound": "1669632607649",
"firstFound": "1669632607649",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"krb5"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-28196"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198156,
"title": "Ubuntu Security Notification for Krb5 Vulnerability (USN-4635-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1607001915000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "krb5-locales",
"version": "1.16-2ubuntu0.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.16-2ubuntu0.2",
"vulnerabilities": null
},
{
"name": "libgssapi-krb5-2:amd64",
"version": "1.16-2ubuntu0.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.16-2ubuntu0.2",
"vulnerabilities": null
},
{
"name": "libkrb5support0:amd64",
"version": "1.16-2ubuntu0.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.16-2ubuntu0.2",
"vulnerabilities": null
},
{
"name": "libk5crypto3:amd64",
"version": "1.16-2ubuntu0.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.16-2ubuntu0.2",
"vulnerabilities": null
},
{
"name": "libkrb5-3:amd64",
"version": "1.16-2ubuntu0.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.16-2ubuntu0.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibsasl2-2 2.1.27~101-g0780600+dfsg-3ubuntu2 2.1.27~101-g0780600+dfsg-3ubuntu2.1\nlibsasl2-modules-db 2.1.27~101-g0780600+dfsg-3ubuntu2 2.1.27~101-g0780600+dfsg-3ubuntu2.1",
"lastFound": "1669632607602",
"firstFound": "1669632607602",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"cyrus-sasl2"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-19906"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197770,
"title": "Ubuntu Security Notification for Cyrus-sasl2 Vulnerability (USN-4256-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1580383774000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsasl2-2:amd64",
"version": "2.1.27~101-g0780600+dfsg-3ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.1.27~101-g0780600+dfsg-3ubuntu2.1",
"vulnerabilities": null
},
{
"name": "libsasl2-modules-db:amd64",
"version": "2.1.27~101-g0780600+dfsg-3ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.1.27~101-g0780600+dfsg-3ubuntu2.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibudev1 237-3ubuntu10.33 237-3ubuntu10.54\nlibsystemd0 237-3ubuntu10.33 237-3ubuntu10.54",
"lastFound": "1669632607743",
"firstFound": "1669632607743",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"systemd"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-2526"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198914,
"title": "Ubuntu Security Notification for systemd Vulnerability (USN-5583-1)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1661949442000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsystemd0:amd64",
"version": "237-3ubuntu10.33",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "237-3ubuntu10.54",
"vulnerabilities": null
},
{
"name": "libudev1:amd64",
"version": "237-3ubuntu10.33",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "237-3ubuntu10.54",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibsqlite3-0 3.22.0-1ubuntu0.2 3.22.0-1ubuntu0.4",
"lastFound": "1669632607622",
"firstFound": "1669632607622",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"sqlite3"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-8740",
"CVE-2019-19603",
"CVE-2019-19645",
"CVE-2020-11655",
"CVE-2020-13434",
"CVE-2020-13435",
"CVE-2020-13630",
"CVE-2020-13631",
"CVE-2020-13632"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197919,
"title": "Ubuntu Security Notification for Sqlite3 Vulnerabilities (USN-4394-1)",
"cvssInfo": {
"baseScore": "4.4",
"temporalScore": "3.3",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1592310179000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsqlite3-0:amd64",
"version": "3.22.0-1ubuntu0.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.22.0-1ubuntu0.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgmp10 2:6.1.2+dfsg-2 2:6.1.2+dfsg-2ubuntu0.1",
"lastFound": "1669632607745",
"firstFound": "1669632607745",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"gmp"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-43618"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198983,
"title": "Ubuntu Security Notification for GMP Vulnerability (USN-5672-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1665668550000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libgmp10:amd64",
"version": "2:6.1.2+dfsg-2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2:6.1.2+dfsg-2ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ngnupg 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngpg-agent 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngpg 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngnupg-l10n 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngpg-wks-server 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngnupg-utils 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngpgv 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ndirmngr 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngpg-wks-client 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngpgconf 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6\ngpgsm 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.6",
"lastFound": "1669632607736",
"firstFound": "1669632607736",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"gnupg"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-34903"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198848,
"title": "Ubuntu Security Notification for GnuPG Vulnerability (USN-5503-1)",
"cvssInfo": {
"baseScore": "5.8",
"temporalScore": "4.3",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "6.5",
"temporalScore": "5.7"
},
"patchAvailable": true,
"published": 1657111742000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "gpg-wks-client",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gnupg-l10n",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gpgv",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gpg",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gnupg",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gnupg-utils",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gpg-agent",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "dirmngr",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gpgsm",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gpgconf",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
},
{
"name": "gpg-wks-server",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.18",
"lastFound": "1669632607719",
"firstFound": "1669632607719",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198780,
"title": "Ubuntu Security Notification for curl Vulnerabilities (USN-5412-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1652361630000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.18",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.19",
"lastFound": "1669632607734",
"firstFound": "1669632607734",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-32208",
"CVE-2022-32207",
"CVE-2022-32205",
"CVE-2022-32206"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198842,
"title": "Ubuntu Security Notification for curl Vulnerabilities (USN-5495-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1656420294000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.19",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibnettle6 3.4-1 3.4-1ubuntu0.1\nlibhogweed4 3.4-1 3.4-1ubuntu0.1",
"lastFound": "1669632607677",
"firstFound": "1669632607677",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"nettle"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-20305"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198322,
"title": "Ubuntu Security Notification for Nettle vulnerability (USN-4906-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.1",
"temporalScore": "7.1"
},
"patchAvailable": true,
"published": 1618843000000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libhogweed4:amd64",
"version": "3.4-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.4-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libnettle6:amd64",
"version": "3.4-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.4-1ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibc-bin 2.27-3ubuntu1 2.27-3ubuntu1.2\nlibc6 2.27-3ubuntu1 2.27-3ubuntu1.2",
"lastFound": "1669632607627",
"firstFound": "1669632607627",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"glibc"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-12133",
"CVE-2017-18269",
"CVE-2018-11236",
"CVE-2018-11237",
"CVE-2018-19591",
"CVE-2018-6485",
"CVE-2019-19126",
"CVE-2019-9169",
"CVE-2020-10029",
"CVE-2020-1751",
"CVE-2020-1752"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197941,
"title": "Ubuntu Security Notification for Glibc Vulnerabilities (USN-4416-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1595942307000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libc6:amd64",
"version": "2.27-3ubuntu1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.27-3ubuntu1.2",
"vulnerabilities": null
},
{
"name": "libc-bin",
"version": "2.27-3ubuntu1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.27-3ubuntu1.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibsasl2-2 2.1.27~101-g0780600+dfsg-3ubuntu2 2.1.27~101-g0780600+dfsg-3ubuntu2.4\nlibsasl2-modules-db 2.1.27~101-g0780600+dfsg-3ubuntu2 2.1.27~101-g0780600+dfsg-3ubuntu2.4",
"lastFound": "1669632607695",
"firstFound": "1669632607695",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"cyrus"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-24407"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198675,
"title": "Ubuntu Security Notification for Cyrus SASL Vulnerability (USN-5301-1)",
"cvssInfo": {
"baseScore": "6.5",
"temporalScore": "4.8",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.8",
"temporalScore": "7.7"
},
"patchAvailable": true,
"published": 1645706907000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsasl2-2:amd64",
"version": "2.1.27~101-g0780600+dfsg-3ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.1.27~101-g0780600+dfsg-3ubuntu2.4",
"vulnerabilities": null
},
{
"name": "libsasl2-modules-db:amd64",
"version": "2.1.27~101-g0780600+dfsg-3ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.1.27~101-g0780600+dfsg-3ubuntu2.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.7\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.7",
"lastFound": "1669632607651",
"firstFound": "1669632607651",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-1971"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198184,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerability (USN-4662-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.9",
"temporalScore": "5.2"
},
"patchAvailable": true,
"published": 1607604403000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.7",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.7",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.9",
"lastFound": "1669632607625",
"firstFound": "1669632607625",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-8169",
"CVE-2020-8177"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197927,
"title": "Ubuntu Security Notification for Curl Vulnerabilities (USN-4402-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1595247863000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.9",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "db version v4.2.2\ngit version: a0bbbff6ada159e19298d37946ac8dc4b497eadf\nOpenSSL version: OpenSSL 1.1.1 11 Sep 2018\nallocator: tcmalloc\nmodules: none\nbuild environment:\n distmod: ubuntu1804\n distarch: x86_64\n target_arch: x86_64",
"lastFound": "1669632607756",
"firstFound": "1669632607756",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Local",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"WINDOWS_AUTH",
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Windows Agent",
"CA-Linux Agent",
"CA-Mac Agent"
],
"product": [
"mongodb"
],
"vendor": [
"mongodb"
],
"cveids": [
"CVE-2021-32037",
"CVE-2021-20330"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 376399,
"title": "MongoDB Multiple Security Vulnerabilities (SERVER-59071,SERVER-36263)",
"cvssInfo": {
"baseScore": "4.0",
"temporalScore": "3.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "6.5",
"temporalScore": "5.7"
},
"patchAvailable": true,
"published": 1644841857000,
"scanType": [
"DYNAMIC"
],
"software": null
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibldap-2.4-2 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.8\nlibldap-common 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.8",
"lastFound": "1669632607646",
"firstFound": "1669632607646",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openldap"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-25709",
"CVE-2020-25710"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198155,
"title": "Ubuntu Security Notification for Openldap Vulnerabilities (USN-4634-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1607001915000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libldap-2.4-2:amd64",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.8",
"vulnerabilities": null
},
{
"name": "libldap-common",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.8",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibp11-kit0 0.23.9-2 0.23.9-2ubuntu0.1",
"lastFound": "1669632607658",
"firstFound": "1669632607658",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-29361",
"CVE-2020-29362",
"CVE-2020-29363"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198203,
"title": "Ubuntu Security Notification for P11-kit Vulnerabilities (USN-4677-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1611149095000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libp11-kit0:amd64",
"version": "0.23.9-2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "0.23.9-2ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nca-certificates 20180409 20201027ubuntu0.18.04.1",
"lastFound": "1669632607640",
"firstFound": "1669632607640",
"severity": 2,
"customerSeverity": 2,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 20,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"none"
],
"vendor": [
"ubuntu"
],
"cveids": [],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198130,
"title": "Ubuntu Security Notification for Ca-certificates Update (USN-4608-1)",
"cvssInfo": {
"baseScore": "2.6",
"temporalScore": "1.9",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1606223062000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "ca-certificates",
"version": "20180409",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "20201027ubuntu0.18.04.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.16",
"lastFound": "1669632607690",
"firstFound": "1669632607690",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198508,
"title": "Ubuntu Security Notification for curl Vulnerabilities (USN-5079-3)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "4.2",
"temporalScore": "3.7"
},
"patchAvailable": true,
"published": 1632832693000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.16",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibapt-pkg5.0 1.6.12 1.6.12ubuntu0.1\napt 1.6.12 1.6.12ubuntu0.1",
"lastFound": "1669632607614",
"firstFound": "1669632607614",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"apt"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-3810"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197885,
"title": "Ubuntu Security Notification for Apt Vulnerability (USN-4359-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.5",
"temporalScore": "4.8"
},
"patchAvailable": true,
"published": 1589975207000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "apt",
"version": "1.6.12",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.6.12ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libapt-pkg5.0:amd64",
"version": "1.6.12",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.6.12ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.6\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.6",
"lastFound": "1669632607616",
"firstFound": "1669632607616",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openssl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-1547",
"CVE-2019-1549",
"CVE-2019-1551",
"CVE-2019-1563"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197902,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerabilities (USN-4376-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1591104966000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.6",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ndpkg 1.19.0.5ubuntu2.3 1.19.0.5ubuntu2.4",
"lastFound": "1669632607725",
"firstFound": "1669632607725",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"dpkg"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-1664"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198805,
"title": "Ubuntu Security Notification for dpkg Vulnerability (USN-5446-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1653916810000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "dpkg",
"version": "1.19.0.5ubuntu2.3",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.19.0.5ubuntu2.4",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibksba8 1.3.5-2 1.3.5-2ubuntu0.18.04.1",
"lastFound": "1669632607747",
"firstFound": "1669632607747",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"libksba"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-3515"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198995,
"title": "Ubuntu Security Notification for Libksba Vulnerability (USN-5688-1)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "8.6",
"temporalScore": "7.5"
},
"patchAvailable": true,
"published": 1666271179000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libksba8:amd64",
"version": "1.3.5-2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.3.5-2ubuntu0.18.04.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.12",
"lastFound": "1669632607653",
"firstFound": "1669632607653",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198187,
"title": "Ubuntu Security Notification for Curl Vulnerabilities (USN-4665-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1608036680000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.12",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nzlib1g 1:1.2.11.dfsg-0ubuntu2 1:1.2.11.dfsg-0ubuntu2.1",
"lastFound": "1669632607703",
"firstFound": "1669632607703",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"zlib"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-25032"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198720,
"title": "Ubuntu Security Notification for zlib Vulnerability (USN-5355-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1648736534000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "zlib1g:amd64",
"version": "1:1.2.11.dfsg-0ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1:1.2.11.dfsg-0ubuntu2.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nzlib1g 1:1.2.11.dfsg-0ubuntu2 1:1.2.11.dfsg-0ubuntu2.2",
"lastFound": "1669632607741",
"firstFound": "1669632607741",
"severity": 5,
"customerSeverity": 5,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 50,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"zlib"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-37434"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198903,
"title": "Ubuntu Security Notification for zlib Vulnerability (USN-5570-1)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1660825984000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "zlib1g:amd64",
"version": "1:1.2.11.dfsg-0ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1:1.2.11.dfsg-0ubuntu2.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.13\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.13",
"lastFound": "1669632607686",
"firstFound": "1669632607686",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openssl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-3712",
"CVE-2021-3711"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198469,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerabilities (USN-5051-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1630417759000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.13",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.13",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.8\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.8",
"lastFound": "1669632607663",
"firstFound": "1669632607663",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-23840",
"CVE-2021-23841"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198268,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerabilities (USN-4738-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1613999069000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.8",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.8",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.19\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.19",
"lastFound": "1669632607732",
"firstFound": "1669632607732",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openssl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-2068"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198839,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerability (USN-5488-1)",
"cvssInfo": {
"baseScore": "10.0",
"temporalScore": "7.4",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1656081283000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.19",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.19",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibgcrypt20 1.8.1-4ubuntu1.1 1.8.1-4ubuntu1.2",
"lastFound": "1669632607597",
"firstFound": "1669632607597",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"libgcrypt20"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-13627"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197748,
"title": "Ubuntu Security Notification for Libgcrypt20 Vulnerability (USN-4236-1)",
"cvssInfo": {
"baseScore": "2.6",
"temporalScore": "1.9",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "6.3",
"temporalScore": "5.5"
},
"patchAvailable": true,
"published": 1579167804000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libgcrypt20:amd64",
"version": "1.8.1-4ubuntu1.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.8.1-4ubuntu1.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibsqlite3-0 3.22.0-1ubuntu0.2 3.22.0-1ubuntu0.3",
"lastFound": "1669632607609",
"firstFound": "1669632607609",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"sqlite3"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-13734",
"CVE-2019-13750",
"CVE-2019-13751",
"CVE-2019-13752",
"CVE-2019-13753",
"CVE-2019-19880",
"CVE-2019-19923",
"CVE-2019-19924",
"CVE-2019-19925",
"CVE-2019-19926",
"CVE-2019-19959",
"CVE-2019-20218",
"CVE-2020-9327"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197815,
"title": "Ubuntu Security Notification for Sqlite3 Vulnerabilities (USN-4298-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.8",
"temporalScore": "7.7"
},
"patchAvailable": true,
"published": 1584014413000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsqlite3-0:amd64",
"version": "3.22.0-1ubuntu0.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.22.0-1ubuntu0.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibldap-2.4-2 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.9\nlibldap-common 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.9",
"lastFound": "1669632607665",
"firstFound": "1669632607665",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-36221",
"CVE-2020-36222",
"CVE-2020-36223",
"CVE-2020-36224",
"CVE-2020-36225",
"CVE-2020-36226",
"CVE-2020-36227",
"CVE-2020-36228",
"CVE-2020-36229",
"CVE-2020-36230"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198253,
"title": "Ubuntu Security Notification for Openldap Vulnerabilities (USN-4724-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1614263468000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libldap-2.4-2:amd64",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.9",
"vulnerabilities": null
},
{
"name": "libldap-common",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.9",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.13",
"lastFound": "1669632607674",
"firstFound": "1669632607674",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-22876",
"CVE-2021-22890"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198316,
"title": "Ubuntu Security Notification for Curl Vulnerabilities (USN-4898-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1617713116000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.13",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.17",
"lastFound": "1669632607713",
"firstFound": "1669632607713",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198759,
"title": "Ubuntu Security Notification for curl Vulnerabilities (USN-5397-1)",
"cvssInfo": {
"baseScore": "5.5",
"temporalScore": "4.1",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.1",
"temporalScore": "7.1"
},
"patchAvailable": true,
"published": 1651496518000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.17",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ntar 1.29b-2ubuntu0.1 1.29b-2ubuntu0.2",
"lastFound": "1669632607661",
"firstFound": "1669632607661",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-20482",
"CVE-2019-9923"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198219,
"title": "Ubuntu Security Notification for Tar Vulnerabilities (USN-4692-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1612192907000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "tar",
"version": "1.29b-2ubuntu0.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.29b-2ubuntu0.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibapt-pkg5.0 1.6.12 1.6.12ubuntu0.2\napt 1.6.12 1.6.12ubuntu0.2",
"lastFound": "1669632607656",
"firstFound": "1669632607656",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-27350"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198189,
"title": "Ubuntu Security Notification for Apt Vulnerability (USN-4667-1)",
"cvssInfo": {
"baseScore": "4.6",
"temporalScore": "3.4",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "5.7",
"temporalScore": "5.0"
},
"patchAvailable": true,
"published": 1608036680000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "apt",
"version": "1.6.12",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.6.12ubuntu0.2",
"vulnerabilities": null
},
{
"name": "libapt-pkg5.0:amd64",
"version": "1.6.12",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.6.12ubuntu0.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibldap-2.4-2 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.10\nlibldap-common 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.10",
"lastFound": "1669632607666",
"firstFound": "1669632607666",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-27212"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198274,
"title": "Ubuntu Security Notification for Openldap Vulnerability (USN-4744-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1614946015000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libldap-2.4-2:amd64",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.10",
"vulnerabilities": null
},
{
"name": "libldap-common",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.10",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nperl-base 5.26.1-6ubuntu0.3 5.26.1-6ubuntu0.5",
"lastFound": "1669632607637",
"firstFound": "1669632607637",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-10543",
"CVE-2020-10878",
"CVE-2020-12723"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198120,
"title": "Ubuntu Security Notification for Perl Vulnerabilities (USN-4602-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "8.6",
"temporalScore": "7.5"
},
"patchAvailable": true,
"published": 1605191683000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "perl-base",
"version": "5.26.1-6ubuntu0.3",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "5.26.1-6ubuntu0.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.9\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.9",
"lastFound": "1669632607671",
"firstFound": "1669632607671",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"None"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-3449"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198310,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerability (USN-4891-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.9",
"temporalScore": "5.2"
},
"patchAvailable": true,
"published": 1616772828000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.9",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.9",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.20",
"lastFound": "1669632607745",
"firstFound": "1669632607745",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-35252"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198918,
"title": "Ubuntu Security Notification for curl Vulnerability (USN-5587-1)",
"cvssInfo": {
"baseScore": "5.4",
"temporalScore": "4.0",
"accessVector": "Adjacent Network"
},
"cvss3Info": {
"baseScore": "3.7",
"temporalScore": "3.2"
},
"patchAvailable": true,
"published": 1662382063000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.20",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlogin 1:4.5-1ubuntu2 1:4.5-1ubuntu2.2\npasswd 1:4.5-1ubuntu2 1:4.5-1ubuntu2.2",
"lastFound": "1669632607692",
"firstFound": "1669632607692",
"severity": 5,
"customerSeverity": 5,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 50,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"shadow"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2017-12424",
"CVE-2018-7169"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198646,
"title": "Ubuntu Security Notification for shadow Vulnerabilities (USN-5254-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1643701469000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "passwd",
"version": "1:4.5-1ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1:4.5-1ubuntu2.2",
"vulnerabilities": null
},
{
"name": "login",
"version": "1:4.5-1ubuntu2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1:4.5-1ubuntu2.2",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nliblz4-1 0.0~r131-2ubuntu3 0.0~r131-2ubuntu3.1",
"lastFound": "1669632607678",
"firstFound": "1669632607678",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"lz4"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-3520"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198387,
"title": "Ubuntu Security Notification for LZ4 vulnerability (USN-4968-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1622551289000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "liblz4-1:amd64",
"version": "0.0~r131-2ubuntu3",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "0.0~r131-2ubuntu3.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1\nlibhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1",
"lastFound": "1669632607745",
"firstFound": "1669632607745",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"heimdal"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-3116",
"CVE-2019-12098",
"CVE-2021-3671",
"CVE-2018-16860"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198986,
"title": "Ubuntu Security Notification for Heimdal Vulnerabilities (USN-5675-1)",
"cvssInfo": {
"baseScore": "6.0",
"temporalScore": "4.4",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1666015884000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libkrb5-26-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libwind0-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libgssapi3-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libhx509-5-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libasn1-8-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libheimntlm0-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libroken18-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libheimbase1-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
},
{
"name": "libhcrypto4-heimdal:amd64",
"version": "7.5.0+dfsg-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.5.0+dfsg-1ubuntu0.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ntar 1.29b-2ubuntu0.1 1.29b-2ubuntu0.3",
"lastFound": "1669632607701",
"firstFound": "1669632607701",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"tar"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-20193"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198703,
"title": "Ubuntu Security Notification for tar Vulnerability (USN-5329-1)",
"cvssInfo": {
"baseScore": "4.3",
"temporalScore": "3.2",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.5",
"temporalScore": "4.8"
},
"patchAvailable": true,
"published": 1647523964000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "tar",
"version": "1.29b-2ubuntu0.1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.29b-2ubuntu0.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nperl-base 5.26.1-6ubuntu0.3 5.26.1-6ubuntu0.6",
"lastFound": "1669632607747",
"firstFound": "1669632607747",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"perl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-16156"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198998,
"title": "Ubuntu Security Notification for Perl Vulnerability (USN-5689-1)",
"cvssInfo": {
"baseScore": "6.8",
"temporalScore": "5.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1666271179000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "perl-base",
"version": "5.26.1-6ubuntu0.3",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "5.26.1-6ubuntu0.6",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibsqlite3-0 3.22.0-1ubuntu0.2 3.22.0-1ubuntu0.5",
"lastFound": "1669632607717",
"firstFound": "1669632607717",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"sqlite"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-36690"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198773,
"title": "Ubuntu Security Notification for SQLite Vulnerability (USN-5403-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1652106310000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsqlite3-0:amd64",
"version": "3.22.0-1ubuntu0.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.22.0-1ubuntu0.5",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "db version v4.2.2\ngit version: a0bbbff6ada159e19298d37946ac8dc4b497eadf\nOpenSSL version: OpenSSL 1.1.1 11 Sep 2018\nallocator: tcmalloc\nmodules: none\nbuild environment:\n distmod: ubuntu1804\n distarch: x86_64\n target_arch: x86_64",
"lastFound": "1669632607752",
"firstFound": "1669632607752",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Local",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"WINDOWS_AUTH",
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Windows Agent",
"CA-Linux Agent"
],
"product": [
"mongodb"
],
"vendor": [
"mongodb"
],
"cveids": [
"CVE-2019-2392",
"CVE-2020-7925",
"CVE-2020-7926",
"CVE-2020-7928"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 374816,
"title": "MongoDB Multiple Security Vulnerabilities(SERVER-43699,SERVER-49142,SERVER-49404,SERVER-50170)",
"cvssInfo": {
"baseScore": "4.0",
"temporalScore": "3.0",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1623330216000,
"scanType": [
"DYNAMIC"
],
"software": null
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibcurl4 7.58.0-2ubuntu3.8 7.58.0-2ubuntu3.10",
"lastFound": "1669632607630",
"firstFound": "1669632607630",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"curl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2020-8231"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 197990,
"title": "Ubuntu Security Notification for Curl Vulnerability (USN-4466-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1598446109000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libcurl4:amd64",
"version": "7.58.0-2ubuntu3.8",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "7.58.0-2ubuntu3.10",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "db version v4.2.2\ngit version: a0bbbff6ada159e19298d37946ac8dc4b497eadf\nOpenSSL version: OpenSSL 1.1.1 11 Sep 2018\nallocator: tcmalloc\nmodules: none\nbuild environment:\n distmod: ubuntu1804\n distarch: x86_64\n target_arch: x86_64",
"lastFound": "1669632607753",
"firstFound": "1669632607753",
"severity": 2,
"customerSeverity": 2,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 20,
"category": "Local",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"WINDOWS_AUTH",
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Windows Agent",
"CA-Linux Agent"
],
"product": [
"mongodb"
],
"vendor": [
"mongodb"
],
"cveids": [
"CVE-2021-20333"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 375790,
"title": "MongoDB Command Execution Vulnerability (SERVER-50605)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "5.3",
"temporalScore": "4.6"
},
"patchAvailable": true,
"published": 1628169786000,
"scanType": [
"DYNAMIC"
],
"software": null
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibudev1 237-3ubuntu10.33 237-3ubuntu10.49\nlibsystemd0 237-3ubuntu10.33 237-3ubuntu10.49",
"lastFound": "1669632607683",
"firstFound": "1669632607683",
"severity": 2,
"customerSeverity": 2,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 20,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"systemd"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2021-33910",
"CVE-2020-13529"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198434,
"title": "Ubuntu Security Notification for systemd vulnerabilities (USN-5013-1)",
"cvssInfo": {
"baseScore": "4.9",
"temporalScore": "3.6",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "6.1",
"temporalScore": "5.3"
},
"patchAvailable": true,
"published": 1626878683000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libsystemd0:amd64",
"version": "237-3ubuntu10.33",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "237-3ubuntu10.49",
"vulnerabilities": null
},
{
"name": "libudev1:amd64",
"version": "237-3ubuntu10.33",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "237-3ubuntu10.49",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.15\nlibssl1.1 1.1.1-1ubuntu2.1~18.04.5 1.1.1-1ubuntu2.1~18.04.15",
"lastFound": "1669632607699",
"firstFound": "1669632607699",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openssl"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-0778"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198702,
"title": "Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerability (USN-5328-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1647523964000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libssl1.1:amd64",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.15",
"vulnerabilities": null
},
{
"name": "openssl",
"version": "1.1.1-1ubuntu2.1~18.04.5",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "1.1.1-1ubuntu2.1~18.04.15",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nbash 4.4.18-2ubuntu1.2 4.4.18-2ubuntu1.3",
"lastFound": "1669632607709",
"firstFound": "1669632607709",
"severity": 4,
"customerSeverity": 4,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 40,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"bash"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-18276"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198748,
"title": "Ubuntu Security Notification for Bash Vulnerability (USN-5380-1)",
"cvssInfo": {
"baseScore": "7.2",
"temporalScore": "5.3",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.8",
"temporalScore": "6.8"
},
"patchAvailable": true,
"published": 1650546021000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "bash",
"version": "4.4.18-2ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "4.4.18-2ubuntu1.3",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibldap-2.4-2 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.11\nlibldap-common 2.4.45+dfsg-1ubuntu1.4 2.4.45+dfsg-1ubuntu1.11",
"lastFound": "1669632607723",
"firstFound": "1669632607723",
"severity": 5,
"customerSeverity": 5,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 50,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openldap"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2022-29155"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198791,
"title": "Ubuntu Security Notification for OpenLDAP Vulnerability (USN-5424-1)",
"cvssInfo": {
"baseScore": "7.5",
"temporalScore": "5.5",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "9.8",
"temporalScore": "8.5"
},
"patchAvailable": true,
"published": 1652881620000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libldap-2.4-2:amd64",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.11",
"vulnerabilities": null
},
{
"name": "libldap-common",
"version": "2.4.45+dfsg-1ubuntu1.4",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.4.45+dfsg-1ubuntu1.11",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nlibhogweed4 3.4-1 3.4.1-0ubuntu0.18.04.1\nlibnettle6 3.4-1 3.4.1-0ubuntu0.18.04.1",
"lastFound": "1669632607681",
"firstFound": "1669632607681",
"severity": 2,
"customerSeverity": 2,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 20,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"nettle"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2018-16869",
"CVE-2021-3580"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": null,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198408,
"title": "Ubuntu Security Notification for Nettle vulnerabilities (USN-4990-1)",
"cvssInfo": {
"baseScore": "3.3",
"temporalScore": "2.4",
"accessVector": "Local"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1624453916000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "libhogweed4:amd64",
"version": "3.4-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.4.1-0ubuntu0.18.04.1",
"vulnerabilities": null
},
{
"name": "libnettle6:amd64",
"version": "3.4-1",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "3.4.1-0ubuntu0.18.04.1",
"vulnerabilities": null
}
]
},
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\ngpgsm 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngpgv 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngnupg-utils 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngpg 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngnupg-l10n 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngpg-agent 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngpg-wks-server 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngpg-wks-client 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngpgconf 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ndirmngr 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3\ngnupg 2.2.4-1ubuntu1.2 2.2.4-1ubuntu1.3",
"lastFound": "1669632607635",
"firstFound": "1669632607635",
"severity": 3,
"customerSeverity": 3,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 30,
"category": "Ubuntu",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"gnupg2"
],
"vendor": [
"ubuntu"
],
"cveids": [
"CVE-2019-14855"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": null,
"easyExploit": true,
"highDataLoss": null,
"noPatch": null,
"denialOfService": null,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 198037,
"title": "Ubuntu Security Notification for Gnupg2 Vulnerability (USN-4516-1)",
"cvssInfo": {
"baseScore": "5.0",
"temporalScore": "3.7",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "7.5",
"temporalScore": "6.5"
},
"patchAvailable": true,
"published": 1600954165000,
"scanType": [
"DYNAMIC"
],
"software": [
{
"name": "gpg-wks-client",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gnupg-l10n",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gpgv",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gpg",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gnupg",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gnupg-utils",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gpg-agent",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "dirmngr",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gpgsm",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gpgconf",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
},
{
"name": "gpg-wks-server",
"version": "2.2.4-1ubuntu1.2",
"scanType": "DYNAMIC",
"packagePath": null,
"fixVersion": "2.2.4-1ubuntu1.3",
"vulnerabilities": null
}
]
}
],
"vulnSummary": {
"confirmed": {
"sev1Count": 0,
"sev5Count": 5,
"sev2Count": 6,
"sev4Count": 24,
"sev3Count": 39
},
"potential": {
"sev1Count": 0,
"sev5Count": 0,
"sev2Count": 0,
"sev4Count": 0,
"sev3Count": 0
},
"patchAvailability": {
"confirmed": {
"sev1Count": 0,
"sev5Count": 5,
"sev2Count": 6,
"sev4Count": 24,
"sev3Count": 39
},
"potential": {
"sev1Count": 0,
"sev5Count": 0,
"sev2Count": 0,
"sev4Count": 0,
"sev3Count": 0
}
}
}
}
Error Response
The following error response is seen when the sub-users don't have permission to the specified image.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}
Sample with SCA ScanningSample with SCA Scanning
This is applicable for subscriptions with SCA Scanning enabled and for images scanned using SCA.
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/5d556c82899c/vuln?type=ALL&sort=qid%3Aasc" --header "Authorization: Bearer <token>"
Response
{
"details": [
{
"vulnerability": null,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nopenssl-libs 1.1.1k-4.el8.x86__64 1.1.1k-7.el8__6",
"lastFound": "1661479693755",
"firstFound": "1661479693755",
"severity": 5,
"customerSeverity": 5,
"port": null,
"typeDetected": "CONFIRMED",
"status": null,
"risk": 50,
"category": "OEL",
"discoveryType": [
"AUTHENTICATED"
],
"authType": [
"UNIX_AUTH"
],
"supportedBy": [
"VM",
"CA-Linux Agent"
],
"product": [
"openssl"
],
"vendor": [
"oracle"
],
"cveids": [
"CVE-2022-2097",
"CVE-2022-1292",
"CVE-2022-2068"
],
"threatIntel": {
"activeAttacks": null,
"zeroDay": null,
"publicExploit": null,
"highLateralMovement": true,
"easyExploit": true,
"highDataLoss": true,
"noPatch": null,
"denialOfService": true,
"malware": null,
"exploitKit": null,
"publicExploitNames": null,
"malwareNames": null,
"exploitKitNames": null
},
"qid": 980351,
"title": "Java (maven) Security Update for commons-io:commons-io (GHSA-gwrp-pvrq-jmwv)",
"cvssInfo": {
"baseScore": "5.8",
"temporalScore": "4.3",
"accessVector": "Network"
},
"cvss3Info": {
"baseScore": "4.8",
"temporalScore": "4.2"
},
"patchAvailable": true,
"published": 1647355370000,
"scanType": [
"SCA"
],
"software": [
{
"name": "commons-io:commons-io",
"version": "2.6",
"scanType": "SCA",
"packagePath": "usr/share/maven/lib/wagon-http-3.4.3-shaded.jar",
"fixVersion": "2.7",
"vulnerabilities": null
}
]
},
...
Error Response
The following error response is seen when the sub-users don't have permission to the specified image.
{
"errorCode": "403 FORBIDDEN",
"message": "Request Forbidden",
"timestamp": 1700721586546
}