CVE Tracking
PatchCTL correlates your installed packages with known vulnerabilities (CVEs) to help prioritize patching.
CVE Dashboard
Fleet Posture
Summary cards show vulnerability exposure:
- Critical - CVSS 9.0-10.0, immediate action needed
- High - CVSS 7.0-8.9, address promptly
- Medium - CVSS 4.0-6.9, schedule for patching
- Low - CVSS 0.1-3.9, address as convenient
CVE List
All vulnerabilities affecting your fleet:
- CVE ID - Unique identifier (e.g., CVE-2024-1234)
- Severity - Critical, High, Medium, Low
- CVSS Score - Numeric severity (0-10)
- Affected Packages - Which packages are vulnerable
- Affected Servers - Count of impacted servers
- Fix Available - Whether a patched version exists
CVE Details
Click a CVE to view:
Overview
- Full CVE description
- CVSS score breakdown
- Published date
- Age (days since published)
Affected Packages
- Package names and vulnerable versions
- Fixed version (if available)
- Repository with the fix
Affected Servers
- List of servers with vulnerable packages
- Current installed version
- Quick actions to patch
Remediation
Single CVE
From CVE details:
- Review affected servers
- Click Patch Affected Servers
- Select all or specific servers
- Confirm and monitor
Bulk Remediation
From the CVE list:
- Select multiple CVEs
- Click Remediate Selected
- Review affected servers
- Configure patching options
- Execute
CVE Severity Guide
| Severity | CVSS | Action |
|---|---|---|
| Critical | 9.0-10.0 | Patch within 24-48 hours |
| High | 7.0-8.9 | Patch within 1 week |
| Medium | 4.0-6.9 | Patch within 30 days |
| Low | 0.1-3.9 | Patch at next maintenance |
Data Sources
PatchCTL CVE data is sourced from:
- National Vulnerability Database (NVD)
- Distribution security advisories
- Package maintainer reports
Data is updated daily.