OSV
OpenSourceVulnerabilities Pack.#
This Integration is part of theSupported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
OSV (Open Source Vulnerability) is a vulnerability database for open source projects. For each vulnerability, it perform bisects to figure out the exact commit that introduces the bug, as well the exact commit that fixes it. This is cross referenced against upstream repositories to figure out the affected tags and commit ranges
#
Configure OSV in CortexParameter | Required |
---|---|
Server URL (e.g. https://api.osv.dev) | True |
Trust any certificate (not secure) | |
Use system proxy settings |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
osv-get-vuln-by-idReturn a Vulnerability
object for a given OSV ID. All list of vulnerabilities can be found at https://osv.dev/list
#
Base Commandosv-get-vuln-by-id
#
InputArgument Name | Description | Required |
---|---|---|
id_ | The id field is a unique identifier for the vulnerability entry. For example: OSV-2020-111. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
OSV.Vulnerability.id | String | The `id` field is a unique identifier for the vulnerability entry |
OSV.Vulnerability.published | String | The RFC3339 timestamp indicating when this entry was published. |
OSV.Vulnerability.modified | String | The RFC3339 timestamp indicating when this entry was last modified. |
OSV.Vulnerability.withdrawn | String | The RFC3339 timestamp indicating when this entry is considered to be withdrawn. |
OSV.Vulnerability.summary | String | One line human readable summary for the vulnerability. It is recommended to keep this under 120 characters. |
OSV.Vulnerability.details | String | Any additional human readable details for the vulnerability. |
OSV.Vulnerability.affected.ranges.repo | String | Applicable if type is GIT. The publicly accessible URL of the repo that can be directly passed to clone commands. |
OSV.Vulnerability.affected.ranges.events.introduced | String | The earliest version/commit where this vulnerability was introduced in. |
OSV.Vulnerability.affected.ranges.events.fixed | String | The version/commit that this vulnerability was fixed in. |
OSV.Vulnerability.affected.ranges.events.limit | String | The limit to apply to the range. |
OSV.Vulnerability.references.url | String | Reference URL for more details. |
#
osv-query-affected-by-commitQuery vulnerabilities for a particular project at a given commit
#
Base Commandosv-query-affected-by-commit
#
InputArgument Name | Description | Required |
---|---|---|
commit | The commit hash to query for. E.g 6879efc2c1596d11a6a6ad296f80063b558d5e0f. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
OSV.VulnerabilityList.vulns.id | String | The `id` field is a unique identifier for the vulnerability entry. |
OSV.VulnerabilityList.vulns.published | String | The RFC3339 timestamp indicating when this entry was published. |
OSV.VulnerabilityList.vulns.modified | String | The RFC3339 timestamp indicating when this entry was last modified. |
OSV.VulnerabilityList.vulns.withdrawn | String | The RFC3339 timestamp indicating when this entry is considered to be withdrawn. |
OSV.VulnerabilityList.vulns.summary | String | One line human readable summary for the vulnerability. It is recommended to keep this under 120 characters. |
OSV.VulnerabilityList.vulns.details | String | Any additional human readable details for the vulnerability. |
OSV.VulnerabilityList.vulns.affected.ranges.repo | String | Applicable if type is GIT. The publicly accessible URL of the repo that can be directly passed to clone commands. |
OSV.VulnerabilityList.vulns.affected.ranges.events.introduced | String | The earliest version/commit where this vulnerability was introduced in. |
OSV.VulnerabilityList.vulns.affected.ranges.events.fixed | String | The version/commit that this vulnerability was fixed in. |
OSV.VulnerabilityList.vulns.affected.ranges.events.limit | String | The limit to apply to the range. |
OSV.VulnerabilityList.vulns.references.url | String | Reference URL for more details. |
#
osv-query-affected-by-packageQuery vulnerabilities for a particular project based on package name and verion
#
Base Commandosv-query-affected-by-package
#
InputArgument Name | Description | Required |
---|---|---|
version | The version string to query for. A fuzzy match is done against upstream versions. Eg. 3.3.0. | Required |
packageName | The name of the package/project to query for. Eg. django-tinymce. | Required |
ecosystem | The ecosystem of the package. Eg. PyPI. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
OSV.VulnerabilityList.vulns.id | string | The `id` field is a unique identifier for the vulnerability entry. |
OSV.VulnerabilityList.vulns.published | string | The RFC3339 timestamp indicating when this entry was published. |
OSV.VulnerabilityList.vulns.modified | string | The RFC3339 timestamp indicating when this entry was last modified. |
OSV.VulnerabilityList.vulns.withdrawn | string | The RFC3339 timestamp indicating when this entry is considered to be withdrawn. |
OSV.VulnerabilityList.vulns.summary | string | One line human readable summary for the vulnerability. It is recommended to keep this under 120 characters. |
OSV.VulnerabilityList.vulns.details | string | Any additional human readable details for the vulnerability. |
OSV.VulnerabilityList.vulns.affected.ranges.repo | string | Applicable if type is GIT. The publicly accessible URL of the repo that can be directly passed to clone commands. |
OSV.VulnerabilityList.vulns.affected.ranges.events.introduced | string | The earliest version/commit where this vulnerability was introduced in. |
OSV.VulnerabilityList.vulns.affected.ranges.events.fixed | string | The version/commit that this vulnerability was fixed in. |
OSV.VulnerabilityList.vulns.affected.ranges.events.limit | string | The limit to apply to the range. |
OSV.VulnerabilityList.vulns.references.url | string | Reference URL for more details. |