Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

CleanShot 2022-03-10 at 3.35.04.png

Hi, i wonder if anyone can help shed some light on what is going on here in the vulnerable software detection, for example the top one that affects `cryptography` which is showing this CVE: <https://nvd.nist.gov/vuln/detail/CVE-2020-36242>

All 746 hosts listed here are running Ubuntu 18.04, which according to the vendor are not vulnerable to this: <https://ubuntu.com/security/CVE-2020-36242>

Is there any way for us to mark them as “not actually vulnerable” as I think this is a false positive?

Just so you’re aware this exists <https://github.com/fleetdm/fleet/issues/4218>

we are in the process of improving how we detect ubuntu vulnerabilities, this work will reduce false positives such as the one you saw cc <@U031GHK0STW>

Ah brilliant, thanks for that :slightly_smiling_face:

I’ve subscribed to the thread :slightly_smiling_face: