To learn more, visit the Lacework documentation.
Parameters
| Parameter | Description |
|---|---|
| Operating System Type | The Operating Systems name. |
| Operating System Version | The Operating Systems version. |
| Package Name | The package name. |
| Package Version | The version of the package. |
Example Output
{ "data": [ { "osPkgInfo": { "namespace": "ubuntu:18.04", "os": "Ubuntu", "osVer": "18.04", "pkg": "openssl", "pkgVer": "1.1.1-1ubuntu2.1~18.04.5", "versionFormat": "dpkg" }, "vulnId": "CVE-2017-3731", "severity": "Medium", "featureKey": { "name": "openssl", "namespace": "ubuntu:18.04" }, "cveProps": { "cveBatchId": "087956A88D8B89A79D0DC1F2E5E8269C", "description": "If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.", "link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-3731", "metadata": { "nvd": { "cvssv2": { "publisheddatetime": "2017-05-04T19:29Z", "score": 5, "vectors": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, "cvssv3": { "exploitabilityscore": 3.9, "impactscore": 3.6, "score": 7.5, "vectors": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } } } }, "fixInfo": { "fixAvailable": "1", "fixedVersion": "0:1.0.2g-1ubuntu11" }, "summary": { "evalCreatedTime": "2021-09-16 18:41:04.161 -0700", "evalStatus": "MATCH_VULN", "numFixableVuln": 10, "numFixableVulnBySeverity": { "1": 0, "2": 3, "3": 5, "4": 2, "5": 0 }, "numTotal": 70, "numVuln": 10, "numVulnBySeverity": { "1": 0, "2": 3, "3": 5, "4": 2, "5": 0 } }, "props": { "evalAlgo": "1001" } } ]}
Workflow Library Example
Scan Software Packages with Lacework and Send Results Via Email
Preview this Workflow on desktop