IssueHunt
Bug Bounty (New!)
Browse
Sign in with GitHub
future-architect/vuls

Do you want to work on this issue?

You can request for a bounty in order to promote it!

False positives, when OS version does not match #1297

Basilious5 posted onGitHub

Hello! My system is running on Debian 9 (Stretch) and Iā€™m using Vuls 0.12.3. Encountered strange Vuls behavior.

First, it says that bind9 version 1:9.11.5.P4+dfsg-5.1+deb10u5 is vulnerable to CVE-2018-5740. However, Debian security tracker says the opposite. image Possible reason ā€“ that version of bind9 made for Debian 10 (Buster), but I do not sure. image

Second, vuls says, that squid3 version 3.5.23-5+deb9u7 is vulnerable to CVE-2021-33620. However, Debian security tracker says the opposite. image Possible reason ā€“ that version of squid3 made for Stretch-security. image

I would really appreciate any help with explanation, cause sometimes I have a huge number of false positives.

Hi, @Basilious5

We do not support older versions of Vuls, please make sure you have the latest version of Vuls to try. Please let me know if this happens with the latest version.

posted by kotakanbe over 3 years ago

Fund this Issue

$0.00
Funded
Only logged in users can fund an issue

Pull requests

Company
AboutMission
Community
SpectrumEmbed
Support
FAQTerms of usePrivacy policyCode of conductCredits
Connect
FacebookTwitter

Ā© 2019 BoostIO, Inc.