.. include:: /includes.txt ======== Packages ======== Zercurity records every application (OSX), package (Linux) and program (Windows) installed across your assets. We collectively refer to these as packages. Table view ========== .. image:: /_static/packages.png * **Risk** Zercurity uses colours to colour-code the severity of risk. * **Name** The name of the package. For some common packages, you can click to find out more information about the package and its source of origin. * **Version** A version number for the package. If the package is out-of-date then the risk icon will be at least a yellow colour. * **Assets** The number of :doc:`/inventory/assets/index` that currently have this package installed. * **Published** The date this package was either first seen or released by the publisher. You can click the package name to find out more. * **First installed** The date the package was first installed across all assets. Package view ============ .. image:: /_static/package.png Provides a unified overview of the package's state. This includes any vulnerabilities assigned to the given package or newer and historical package information. Historical view =============== Provides a history of risk changes made to the package. Vulnerabilities view ==================== .. image:: /_static/package_vulnerabilities.png Provides a list of assigned CVEs against a given package. * **Name** The CVE name and corresponding CVSS severity score. * **Package** The version of the package. * **Vulnerable Version** The vulnerable version that package maintainers identified before a fix was issued. * **Fixed Version** The fixed package that remedied the vulnerability. * **Source** Where we found this information. Maybe be user contributed. The source is usually accompanied by a corresponding source id or SID. This id that refers the the external sources Id. * **Published** When the vulnerability was first published. * **Description** A short description of the vulnerability. * **CVSSv2** CVSSv2 scoring information. More information can be found here about how the scores are calculated and what they mean. https://www.first.org/cvss/v2/guide Versions view ============= Provides a list of other versions for a given package. These versions may be newer or older. .. image:: /_static/package_versions.png * **Filename** The filename of the package that was processed. * **Version** The version of the package. * **Owner** The email address and/or name of the maintainer of the package * **Published** The date and time of when the package was published.