- Patent Title: Implementing package vulnerability assessment for microcontainers
-
Application No.: US16162315Application Date: 2018-10-16
-
Publication No.: US10896260B2Publication Date: 2021-01-19
- Inventor: Shripad Nadgowda , Sastry Duri
- Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
- Applicant Address: US NY Armonk
- Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
- Current Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
- Current Assignee Address: US NY Armonk
- Agency: Intelletek Law Group, PLLC
- Agent Gabriel Daniel Esq.
- Main IPC: G06F21/57
- IPC: G06F21/57 ; G06F8/65 ; H04L12/24
Abstract:
A system for determining vulnerability of an application container is provided. The system receives a report associating a first version of a software package with a vulnerability and a second version of the software package as being an update that fixes the vulnerability. The system receives the first version and the second version of the software package. The second version has one or more files that correspond to files in the first version. The system identifies a changed file in the first version of the software package that is different from a corresponding file in the second version of the software package. The system identifies a container file in an application container that matches the changed file in the first version of the software package. The system associates the identified container file with the vulnerability.
Information query
