Working with CVE's. Checking for valid and vulnerable CVE's.

civilpolisen

$ sudo apt-get install debsecan

I'm using Ubuntu 18.04 and I installed this neat little software yesterday.

$ debsecan --suit sid | grep -v fixed | grep -v obsolete | grep -v mysql >> 2020-11-03.txt

I get this short 160-line file when excluding "fixed", "obsolete" and "mysql", since these are not accurate for the public platform.

I do this manually... but is there a way to automate this process and also compare the current week CVE-file from the previous week? In some way!

I'm sure there are plenty of people out there in a similar environment to the environment I represent. The small company with access to some 15 servers and sudo access to all. We're an IT consultant with fairly big clients.