How to filter CVE by package URL (pURL) in CVE Viewer?

How to filter CVE by package URL (pURL) in CVE Viewer?

456
Created On 07/20/23 08:49 AM - Last Modified 12/09/25 17:25 PM


Objective


  • By using CVE Viewer in Prisma Cloud Compute we are able to reference a specific package by using a scheme called pURL (package URL)

Environment


  • Access to Prisma Cloud compute >= 30.03.122

Procedure


  • In the CVE Viewer when we search for general terms, e.g firefox, we will get only partial results due to a UI limitation which may not be desired.
  • In order to filter results to environment specifics we can use Package URL via the following scheme: 
    • scheme:type/namespace/name@version

       
    • Corresponding fields in Prisma Cloud compute table would be as follow 
    • $ = Column header from Compute UI

pkg:rpm/$Distro/$Package@$Affected version

  • Search examples:

#Retrieve mozillafirefox package for SUSE linux
pkg:rpm/suse/mozillafirefox@60.6.2-3.32.1

#Retrive all firefox CVE's for Debian OS without specific version
pkg:deb/debian/firefox

#Retrive all firefox CVE's for Ubuntu for version >= 112.0
pkg:deb/ubuntu/firefox@112.0

     

Additional Information


  • https://github.com/package-url/purl-spec
  • Feature available with Compute version >= 30.03.122
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000bqV6CAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail