Openvas-nasl cannot get the right report

Use this category only if you have build GVM from sources or if you use packages provided by a 3rdparty repository.

Please read About the Greenbone Source Edition (GSE) and About GVM Architecture before posting.

When posting you should provide information about your environment using the following template:

GVM versions

gsad: (‘21.04.0.git’)
gvmd: (‘21.04.0’)
openvas-scanner: (‘21.04.0’, in older GVM versions < 11: ‘openvassd --version’)


Operating system:
Kernel: (‘kali 5.10 2021-04-21’)
Installation method / source: apt install gvm

command gvm-check-setup there is nothing wrong.

for example, my nginx version is 1.16.1 and sshd version is 7.4p1, they should have some Vulnerabilities, but it didn’t be checked out.

openvas-nasl -X -B -d -i /var/lib/openvas/plugins -t <target> gb_nginx_http_detect.nasl 
# there is nothing report, is there anyting wrong?

Those products are covered by security fixes not raising the version of the product itself (Called “backports” in the Linux world).

Because of this most “Linux” VTs which are checking for a Banner of a software (especially valid for nginx and OpenSSH) have a QoD of remote_banner_unreliable (See Overview on QoD values and types ).

This means vulnerabilities of such VTs are not showing up by default in your reports. To show them you need to update your filter to show results for VTs having a QoD < 70 %.