CVE Tracking
PatchCTL correlates your installed packages with known vulnerabilities (CVEs) to help prioritize patching.
CVE Dashboard
Fleet Posture
Summary cards show vulnerability exposure:
- Critical - CVSS 9.0-10.0, immediate action needed
- High - CVSS 7.0-8.9, address promptly
- Medium - CVSS 4.0-6.9, schedule for patching
- Low - CVSS 0.1-3.9, address as convenient
CVE List
All vulnerabilities affecting your fleet:
- CVE ID - Unique identifier (e.g., CVE-2024-1234)
- Severity - Critical, High, Medium, Low
- CVSS Score - Numeric severity (0-10)
- Affected Packages - Which packages are vulnerable
- Affected Servers - Count of impacted servers
- Fix Available - Whether a patched version exists
CVE Details
Click a CVE to view:
Overview
- Full CVE description
- CVSS score breakdown
- Published date
- Age (days since published)
Affected Packages
- Package names and vulnerable versions
- Fixed version (if available)
- Repository with the fix
Affected Servers
- List of servers with vulnerable packages
- Current installed version
- Quick actions to patch
Remediation
From the list or detail view:
- Review affected servers
- Click Patch (or Patch All where available)
- Confirm the action
- Monitor results in Runs
CVE Severity Guide
| Severity | CVSS | Action |
|---|---|---|
| Critical | 9.0-10.0 | Patch within 24-48 hours |
| High | 7.0-8.9 | Patch within 1 week |
| Medium | 4.0-6.9 | Patch within 30 days |
| Low | 0.1-3.9 | Patch at next maintenance |