github.com/ishita82/trivy-gitaction@v0.0.0-20240206054925-e937cc05f8e3/integration/testdata/nuget.json.golden

github.com/ishita82/trivy-gitaction@v0.0.0-20240206054925-e937cc05f8e3/integration/testdata/nuget.json.golden (about)

     1  {
     2    "SchemaVersion": 2,
     3    "CreatedAt": "2021-08-25T12:20:30.000000005Z",
     4    "ArtifactName": "testdata/fixtures/repo/nuget",
     5    "ArtifactType": "repository",
     6    "Metadata": {
     7      "ImageConfig": {
     8        "architecture": "",
     9        "created": "0001-01-01T00:00:00Z",
    10        "os": "",
    11        "rootfs": {
    12          "type": "",
    13          "diff_ids": null
    14        },
    15        "config": {}
    16      }
    17    },
    18    "Results": [
    19      {
    20        "Target": "packages.lock.json",
    21        "Class": "lang-pkgs",
    22        "Type": "nuget",
    23        "Packages": [
    24          {
    25            "ID": "Newtonsoft.Json@12.0.3",
    26            "Name": "Newtonsoft.Json",
    27            "Identifier": {
    28              "PURL": "pkg:nuget/Newtonsoft.Json@12.0.3"
    29            },
    30            "Version": "12.0.3",
    31            "Layer": {},
    32            "Locations": [
    33              {
    34                "StartLine": 5,
    35                "EndLine": 10
    36              }
    37            ]
    38          },
    39          {
    40            "ID": "NuGet.Frameworks@5.7.0",
    41            "Name": "NuGet.Frameworks",
    42            "Identifier": {
    43              "PURL": "pkg:nuget/NuGet.Frameworks@5.7.0"
    44            },
    45            "Version": "5.7.0",
    46            "DependsOn": [
    47              "Newtonsoft.Json@12.0.3"
    48            ],
    49            "Layer": {},
    50            "Locations": [
    51              {
    52                "StartLine": 11,
    53                "EndLine": 19
    54              }
    55            ]
    56          }
    57        ],
    58        "Vulnerabilities": [
    59          {
    60            "VulnerabilityID": "GHSA-5crp-9r3c-p9vr",
    61            "PkgID": "Newtonsoft.Json@12.0.3",
    62            "PkgName": "Newtonsoft.Json",
    63            "PkgIdentifier": {
    64              "PURL": "pkg:nuget/Newtonsoft.Json@12.0.3"
    65            },
    66            "InstalledVersion": "12.0.3",
    67            "FixedVersion": "13.0.1",
    68            "Status": "fixed",
    69            "Layer": {},
    70            "SeveritySource": "ghsa",
    71            "PrimaryURL": "https://github.com/advisories/GHSA-5crp-9r3c-p9vr",
    72            "DataSource": {
    73              "ID": "ghsa",
    74              "Name": "GitHub Security Advisory Nuget",
    75              "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anuget"
    76            },
    77            "Title": "Improper Handling of Exceptional Conditions in Newtonsoft.Json",
    78            "Description": "Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of expressions with high nesting level that lead to StackOverFlow exception or high CPU and RAM usage.",
    79            "Severity": "HIGH",
    80            "CweIDs": [
    81              "CWE-755"
    82            ],
    83            "VendorSeverity": {
    84              "ghsa": 3
    85            },
    86            "CVSS": {
    87              "ghsa": {
    88                "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    89                "V3Score": 7.5
    90              }
    91            },
    92            "References": [
    93              "https://alephsecurity.com/2018/10/22/StackOverflowException/",
    94              "https://alephsecurity.com/vulns/aleph-2018004"
    95            ],
    96            "PublishedDate": "2022-06-22T15:08:47Z",
    97            "LastModifiedDate": "2022-06-27T18:37:23Z"
    98          }
    99        ]
   100      }
   101    ]
   102  }