Saturday, October 21, 2017

Polaris VulnerabilityDB Update

Updated VunlerabilityDB is available at GitHub. This update includes the recent Oracle critical patch update advisory. Oracle announced several vulnerabilities in Java, the following SQL extract details of these vulnerabilities from the database.

  1. select c.doc_type, c.doc_init_rel_date, vp.vul_status, 
  2.           p.prod_name, vul_cve 
  3.      from pa_cvrf_doc c, pa_cvrf_vul v, pa_cvrf_vul_product vp, 
  4.           pa_cvrf_product p 
  5.      where c.cvrf_id=v.cvrf_id 
  6.      and v.vul_id=vp.vul_id 
  7.      and vp.prod_id=p.prod_id 
  8.      and prod_name like '%Java%'
  9.      and c.cvrf_id=3357

The output can be formatted for reporting as follow:

Posted by at No comments:
Subscribe to: Posts (Atom)