github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/integration/testdata/debian-buster-ignore-unfixed.json.golden

github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/integration/testdata/debian-buster-ignore-unfixed.json.golden (about)

     1  {
     2    "SchemaVersion": 2,
     3    "CreatedAt": "2021-08-25T12:20:30.000000005Z",
     4    "ArtifactName": "testdata/fixtures/images/debian-buster.tar.gz",
     5    "ArtifactType": "container_image",
     6    "Metadata": {
     7      "OS": {
     8        "Family": "debian",
     9        "Name": "10.1"
    10      },
    11      "ImageID": "sha256:c2c03a296d2329a4f3ab72a7bf38b78a8a80108204d326b0139d6af700e152d1",
    12      "DiffIDs": [
    13        "sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d"
    14      ],
    15      "ImageConfig": {
    16        "architecture": "amd64",
    17        "container": "cbb6a20ddb7dedfeee41aeb21e9780f14afbb0f47a6b1ffa514a1822f45d0a51",
    18        "created": "2019-09-11T23:21:51.562946709Z",
    19        "docker_version": "18.06.1-ce",
    20        "history": [
    21          {
    22            "created": "2019-09-11T23:21:51.123609274Z",
    23            "created_by": "/bin/sh -c #(nop) ADD file:770e381defc5e4a0ba5df52265a96494b9f5d94309234cb3f7bc6b00e1d18f9a in / "
    24          },
    25          {
    26            "created": "2019-09-11T23:21:51.562946709Z",
    27            "created_by": "/bin/sh -c #(nop)  CMD [\"bash\"]",
    28            "empty_layer": true
    29          }
    30        ],
    31        "os": "linux",
    32        "rootfs": {
    33          "type": "layers",
    34          "diff_ids": [
    35            "sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d"
    36          ]
    37        },
    38        "config": {
    39          "Cmd": [
    40            "bash"
    41          ],
    42          "Env": [
    43            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
    44          ],
    45          "Image": "sha256:5519bb349f72eef81944da56843c995b1b81ed67c8e7e48ac29dd6c543c1dd2d",
    46          "ArgsEscaped": true
    47        }
    48      }
    49    },
    50    "Results": [
    51      {
    52        "Target": "testdata/fixtures/images/debian-buster.tar.gz (debian 10.1)",
    53        "Class": "os-pkgs",
    54        "Type": "debian",
    55        "Vulnerabilities": [
    56          {
    57            "VulnerabilityID": "CVE-2019-18224",
    58            "VendorIDs": [
    59              "DSA-4613-1"
    60            ],
    61            "PkgID": "libidn2-0@2.0.5-1",
    62            "PkgName": "libidn2-0",
    63            "InstalledVersion": "2.0.5-1",
    64            "FixedVersion": "2.0.5-1+deb10u1",
    65            "Status": "fixed",
    66            "Layer": {
    67              "Digest": "sha256:4a56a430b2bac33260d6449e162017e2b23076c6411a17b46db67f5b84dde2bd",
    68              "DiffID": "sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d"
    69            },
    70            "SeveritySource": "nvd",
    71            "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18224",
    72            "DataSource": {
    73              "ID": "debian",
    74              "Name": "Debian Security Tracker",
    75              "URL": "https://salsa.debian.org/security-tracker-team/security-tracker"
    76            },
    77            "Title": "libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c",
    78            "Description": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.",
    79            "Severity": "CRITICAL",
    80            "CweIDs": [
    81              "CWE-787"
    82            ],
    83            "CVSS": {
    84              "nvd": {
    85                "V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    86                "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    87                "V2Score": 7.5,
    88                "V3Score": 9.8
    89              },
    90              "redhat": {
    91                "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
    92                "V3Score": 5.6
    93              }
    94            },
    95            "References": [
    96              "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html",
    97              "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html",
    98              "https://access.redhat.com/security/cve/CVE-2019-18224",
    99              "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12420",
   100              "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18224",
   101              "https://github.com/libidn/libidn2/commit/e4d1558aa2c1c04a05066ee8600f37603890ba8c",
   102              "https://github.com/libidn/libidn2/compare/libidn2-2.1.0...libidn2-2.1.1",
   103              "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDQVQ2XPV5BTZUFINT7AFJSKNNBVURNJ/",
   104              "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MINU5RKDFE6TKAFY5DRFN3WSFDS4DYVS/",
   105              "https://seclists.org/bugtraq/2020/Feb/4",
   106              "https://security.gentoo.org/glsa/202003-63",
   107              "https://ubuntu.com/security/notices/USN-4168-1",
   108              "https://usn.ubuntu.com/4168-1/",
   109              "https://www.debian.org/security/2020/dsa-4613"
   110            ],
   111            "PublishedDate": "2019-10-21T17:15:00Z",
   112            "LastModifiedDate": "2019-10-29T19:15:00Z"
   113          }
   114        ]
   115      }
   116    ]
   117  }