Update CVE Database

n.mayr · April 2, 2024, 7:49am

Hello,
I just had a look at the CVE database and saw that the 2024 CVEs are not included. Especially the CVE-2024-3094. Is there a possibility in the web portal to load the CVEs manually?

I am using the latest Docker images.

n.mayr · April 2, 2024, 7:52am

I get the following error on the notus container:

Traceback (most recent call last):

  File "/usr/local/bin/notus-scanner", line 8, in <module>

    sys.exit(main())

             ^^^^^^

  File "/usr/local/lib/python3.11/dist-packages/notus/scanner/daemon.py", line 130, in main

    run_daemon(

  File "/usr/local/lib/python3.11/dist-packages/notus/scanner/daemon.py", line 92, in run_daemon

    daemon = MQTTDaemon(client)

             ^^^^^^^^^^^^^^^^^^

  File "/usr/local/lib/python3.11/dist-packages/notus/scanner/messaging/mqtt.py", line 148, in __init__

    self._client.connect()

  File "/usr/local/lib/python3.11/dist-packages/notus/scanner/messaging/mqtt.py", line 54, in connect

    return super().connect(

           ^^^^^^^^^^^^^^^^

  File "/usr/local/lib/python3.11/dist-packages/paho/mqtt/client.py", line 914, in connect

    return self.reconnect()

           ^^^^^^^^^^^^^^^^

  File "/usr/local/lib/python3.11/dist-packages/paho/mqtt/client.py", line 1044, in reconnect

    sock = self._create_socket_connection()

           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  File "/usr/local/lib/python3.11/dist-packages/paho/mqtt/client.py", line 3685, in _create_socket_connection

    return socket.create_connection(addr, timeout=self._connect_timeout, source_address=source)

           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  File "/usr/lib/python3.11/socket.py", line 827, in create_connection

    for res in getaddrinfo(host, port, 0, SOCK_STREAM):

               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  File "/usr/lib/python3.11/socket.py", line 962, in getaddrinfo

    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):

               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

socket.gaierror: [Errno -3] Temporary failure in name resolution

Exception ignored in atexit callback: <function exit_cleanup at 0x7f21be2e6660>

Traceback (most recent call last):

  File "/usr/local/lib/python3.11/dist-packages/notus/scanner/utils.py", line 104, in exit_cleanup

    sys.exit()

orlandoprz · April 3, 2024, 10:59am

What did you run to try to update the container?

btw: XZ Backdoor Attack CVE-2024-3094: All You Need To Know

cfi · April 3, 2024, 11:06am

Instructions how to update the feed content (including the CVE database) in the Docker container are available in the official and publicly available documentation here:

orlandoprz · April 4, 2024, 11:46am

Hi, I have updated my containers and run the update commands found in the:

and I have this:

So It should be easy and strait forward, @n.mayr.

Cyberguard047 · December 9, 2024, 11:04am

I thought I heard that the database automatically updates the information on NVTs, CVEs, and CPEs for all versions. Let me know if that’s wrong