is there by any chance something wrong with the vt images? the latest published CVEs and CPEs shown to me in the web-gui are from august .19, even though the other images are all up-to-date. Ive already tried to run the following commands:
You might run into the same issue I have, where the feed version is the latest but no new CVE/CPEs are published in the web-gui.
Never got any answer but I think the issue is the order in which the extraction of the scap data is done. First it copies the meta data files which update the feed version and then unpacks the actual data. I fixed it by mounting a custom init.sh file into the scap-data container where it first unpacks the data into a tmp directory, moves all data from the tmp location to the correct location and then copies in the meta data files which contains the feed version.
The GUI doesn’t show CVEs younger than 17 November (4 weeks old) even though I’m on `scap-data:202512110506`
I’ve checked the files in my docker volumes. the file `nvdcve-2.0-2025.xml` does indeed contain current CVEs (most notably 55182 which was the reason I’ve checked on my green bones)
No idea how and why that doesn’t show up and if it’s at least available to the scanner
(deployed via containers as per the docs updated via merge request by renovate)
Just for information. The version of the scap-data doesn’t say anything about the latest CVE or CPE. It just says when we published this version of the data. When producing the data it gets downloaded from NVD and contains the latest information available. If the NVD didn’t update their database, the newest CPEs or CVEs may be some days older then our publishing date. The last two years NVD was not as reliable as the years before
