Hello,
On my Ubuntu 20.04.6 LTS, multiple vulnerabilities with Critical status were detected by the Wazuh scanner.
For example:
https://ubuntu.com/security/CVE-2022-28734
https://ubuntu.com/security/CVE-2022-28734
https://ubuntu.com/security/CVE-2016-1585
https://nvd.nist.gov/vuln/detail/CVE-2022-48174
https://ubuntu.com/security/CVE-2016-1585
And some others.
Some of them exist for more than three months.
I have also installed RHEL 8.8, where Wazuh shows 0 Critical CVE.
Is it a normal situation for Ubuntu? I have always thought that when a critical CVE is identified, it should be patched as thoroughly and quickly as possible.
Bookmarks