Scanning for vulnerabilities by means of Astra Linux (OVAL scanning)

Docker images of Kaspersky Scan Engine were scanned for vulnerabilities defined in the following databases:

• oval-db stable (the official database from the stable repository of Astra Linux 1.7.6 and 1.7.7)
• oval-db frozen (non-extensible database from the frozen repository of Astra Linux 1.7.6 and 1.7.7)
• Data Security Threats Database of FSTEC (Federal Service for Technical and Export Control of Russia)

At the time of release, no vulnerabilities were detected when using the databases oval-db: 0.0.2.astra1, oval-db: 0.0.2.astra1+ci3, 2025.04.04-3 BDU FSTEC.

When scanning Docker images of Kaspersky Scan Engine for vulnerabilities by means of Astra Linux 1.7.6 or 1.7.7 (OVAL scanning), vulnerabilities may be detected in the following cases:

• Custom OVAL definitions were used for scanning instead of the OVAL definitions included in the official databases from Astra Linux or FSTEC.
• After the release date, the database oval-db was updated, resulting in new data about vulnerabilities.

Although it is not recommended to run a Docker image when vulnerabilities are detected in it, Kaspersky Scan Engine still remains functional and you can run it in the debug mode. In debug mode, when a vulnerability is detected, a message is displayed and container launch is not blocked. To enable the debug mode, specify the global astra-sec-level parameter set to 6. For more information about this parameter, see the official Astra Linux documentation.

Page top