COS は Open Vulnerability and Assessment Language(OVAL)脆弱性フィードを提供しています。これは、サポートされているすべての COS リリース用の、機械で読み取り可能な構造化データセットです。フィードを使用して、COS システムにインストールされているパッケージのセキュリティの問題を評価できます。
[[["わかりやすい","easyToUnderstand","thumb-up"],["問題の解決に役立った","solvedMyProblem","thumb-up"],["その他","otherUp","thumb-up"]],[["わかりにくい","hardToUnderstand","thumb-down"],["情報またはサンプルコードが不正確","incorrectInformationOrSampleCode","thumb-down"],["必要な情報 / サンプルがない","missingTheInformationSamplesINeed","thumb-down"],["翻訳に関する問題","translationIssue","thumb-down"],["その他","otherDown","thumb-down"]],["最終更新日 2025-03-10 UTC。"],[[["COS provides an Open Vulnerability and Assessment Language (OVAL) feed, a structured dataset for identifying security vulnerabilities in supported COS releases."],["The OVAL feed, accessible at `gs://cos-oval-vulnerability-feed`, relies on the `cos-package-info.json` file, which lists installed packages on an image and is located in the `/etc` directory."],["Scanning a COS instance involves downloading and extracting the OVAL feed for the specific milestone, copying the `cos-package-info.json` file from the VM, and using an SCAP-compliant tool like OpenSCAP."],["Vulnerabilities reported by the scanner can be resolved by updating to the latest COS image for the applicable milestone, as the feed lists vulnerabilities fixed in these images."]]],[]]