github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/integration/testdata/debian-buster-ignore-unfixed.json.golden (about) 1 { 2 "SchemaVersion": 2, 3 "CreatedAt": "2021-08-25T12:20:30.000000005Z", 4 "ArtifactName": "testdata/fixtures/images/debian-buster.tar.gz", 5 "ArtifactType": "container_image", 6 "Metadata": { 7 "OS": { 8 "Family": "debian", 9 "Name": "10.1" 10 }, 11 "ImageID": "sha256:c2c03a296d2329a4f3ab72a7bf38b78a8a80108204d326b0139d6af700e152d1", 12 "DiffIDs": [ 13 "sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d" 14 ], 15 "ImageConfig": { 16 "architecture": "amd64", 17 "container": "cbb6a20ddb7dedfeee41aeb21e9780f14afbb0f47a6b1ffa514a1822f45d0a51", 18 "created": "2019-09-11T23:21:51.562946709Z", 19 "docker_version": "18.06.1-ce", 20 "history": [ 21 { 22 "created": "2019-09-11T23:21:51.123609274Z", 23 "created_by": "/bin/sh -c #(nop) ADD file:770e381defc5e4a0ba5df52265a96494b9f5d94309234cb3f7bc6b00e1d18f9a in / " 24 }, 25 { 26 "created": "2019-09-11T23:21:51.562946709Z", 27 "created_by": "/bin/sh -c #(nop) CMD [\"bash\"]", 28 "empty_layer": true 29 } 30 ], 31 "os": "linux", 32 "rootfs": { 33 "type": "layers", 34 "diff_ids": [ 35 "sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d" 36 ] 37 }, 38 "config": { 39 "Cmd": [ 40 "bash" 41 ], 42 "Env": [ 43 "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 44 ], 45 "Image": "sha256:5519bb349f72eef81944da56843c995b1b81ed67c8e7e48ac29dd6c543c1dd2d", 46 "ArgsEscaped": true 47 } 48 } 49 }, 50 "Results": [ 51 { 52 "Target": "testdata/fixtures/images/debian-buster.tar.gz (debian 10.1)", 53 "Class": "os-pkgs", 54 "Type": "debian", 55 "Vulnerabilities": [ 56 { 57 "VulnerabilityID": "CVE-2019-18224", 58 "VendorIDs": [ 59 "DSA-4613-1" 60 ], 61 "PkgID": "libidn2-0@2.0.5-1", 62 "PkgName": "libidn2-0", 63 "InstalledVersion": "2.0.5-1", 64 "FixedVersion": "2.0.5-1+deb10u1", 65 "Status": "fixed", 66 "Layer": { 67 "Digest": "sha256:4a56a430b2bac33260d6449e162017e2b23076c6411a17b46db67f5b84dde2bd", 68 "DiffID": "sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d" 69 }, 70 "SeveritySource": "nvd", 71 "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18224", 72 "DataSource": { 73 "ID": "debian", 74 "Name": "Debian Security Tracker", 75 "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" 76 }, 77 "Title": "libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c", 78 "Description": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.", 79 "Severity": "CRITICAL", 80 "CweIDs": [ 81 "CWE-787" 82 ], 83 "CVSS": { 84 "nvd": { 85 "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", 86 "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", 87 "V2Score": 7.5, 88 "V3Score": 9.8 89 }, 90 "redhat": { 91 "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", 92 "V3Score": 5.6 93 } 94 }, 95 "References": [ 96 "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html", 97 "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html", 98 "https://access.redhat.com/security/cve/CVE-2019-18224", 99 "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12420", 100 "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18224", 101 "https://github.com/libidn/libidn2/commit/e4d1558aa2c1c04a05066ee8600f37603890ba8c", 102 "https://github.com/libidn/libidn2/compare/libidn2-2.1.0...libidn2-2.1.1", 103 "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDQVQ2XPV5BTZUFINT7AFJSKNNBVURNJ/", 104 "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MINU5RKDFE6TKAFY5DRFN3WSFDS4DYVS/", 105 "https://seclists.org/bugtraq/2020/Feb/4", 106 "https://security.gentoo.org/glsa/202003-63", 107 "https://ubuntu.com/security/notices/USN-4168-1", 108 "https://usn.ubuntu.com/4168-1/", 109 "https://www.debian.org/security/2020/dsa-4613" 110 ], 111 "PublishedDate": "2019-10-21T17:15:00Z", 112 "LastModifiedDate": "2019-10-29T19:15:00Z" 113 } 114 ] 115 } 116 ] 117 }