Project

General

Profile

Actions

Bug #24422

closed

Is not clear why CVE score is missing for some OS

Added by Elaad FURREEDAN 9 months ago. Updated 8 months ago.

Status:
Released
Priority:
N/A
Assignee:
-
Category:
Web - UI & UX
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
I dislike using that feature
User visibility:
Effort required:
Medium
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

For some reason, CVE check is not available on some OS:
  • The check is not supported on this OS, like Windows
    2024-03-12 11:28:29+0000 WARN  plugin.cve.check - An error occurred during cve check for 1 Node(s), cve check still continue, details: Unexpected: Checks on Windows nodes are not supported, skipping
    
  • Failed to detect CVE with OVAL: OVAL for amazonlinux is not implemented yet
    2024-03-12 11:28:29+0000 WARN  plugin.cve.check - An error occurred during cve check for 1 Node(s), cve check still continue, details: Unexpected: Request failure URL 'https://api.rudder.io/cve/v2/vuls': code Some(503), body: Some(Failed to detect CVE with OVAL: OVAL for amazonlinux is not implemented yet)
    

But on Node side we only see that CVE is not available, we don't know if something is not working, or if this is expected. It will confuse many users. Plus the tooltip is empty, there is no message that explain that. Ideally we want to display the WARN message, but I think it is a bit complex.


Files

Actions #2

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 8.1.0~beta2 to 8.1.0~rc1
Actions #3

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 8.1.0~rc1 to 8.1.0
Actions #4

Updated by Vincent MEMBRÉ 8 months ago

  • Status changed from New to Released

This bug has been fixed in Rudder plugin cve v8.1.0.rc1-2.10

Actions

Also available in: Atom PDF