github.com/ishita82/trivy-gitaction@v0.0.0-20240206054925-e937cc05f8e3/integration/testdata/nuget.json.golden (about) 1 { 2 "SchemaVersion": 2, 3 "CreatedAt": "2021-08-25T12:20:30.000000005Z", 4 "ArtifactName": "testdata/fixtures/repo/nuget", 5 "ArtifactType": "repository", 6 "Metadata": { 7 "ImageConfig": { 8 "architecture": "", 9 "created": "0001-01-01T00:00:00Z", 10 "os": "", 11 "rootfs": { 12 "type": "", 13 "diff_ids": null 14 }, 15 "config": {} 16 } 17 }, 18 "Results": [ 19 { 20 "Target": "packages.lock.json", 21 "Class": "lang-pkgs", 22 "Type": "nuget", 23 "Packages": [ 24 { 25 "ID": "Newtonsoft.Json@12.0.3", 26 "Name": "Newtonsoft.Json", 27 "Identifier": { 28 "PURL": "pkg:nuget/Newtonsoft.Json@12.0.3" 29 }, 30 "Version": "12.0.3", 31 "Layer": {}, 32 "Locations": [ 33 { 34 "StartLine": 5, 35 "EndLine": 10 36 } 37 ] 38 }, 39 { 40 "ID": "NuGet.Frameworks@5.7.0", 41 "Name": "NuGet.Frameworks", 42 "Identifier": { 43 "PURL": "pkg:nuget/NuGet.Frameworks@5.7.0" 44 }, 45 "Version": "5.7.0", 46 "DependsOn": [ 47 "Newtonsoft.Json@12.0.3" 48 ], 49 "Layer": {}, 50 "Locations": [ 51 { 52 "StartLine": 11, 53 "EndLine": 19 54 } 55 ] 56 } 57 ], 58 "Vulnerabilities": [ 59 { 60 "VulnerabilityID": "GHSA-5crp-9r3c-p9vr", 61 "PkgID": "Newtonsoft.Json@12.0.3", 62 "PkgName": "Newtonsoft.Json", 63 "PkgIdentifier": { 64 "PURL": "pkg:nuget/Newtonsoft.Json@12.0.3" 65 }, 66 "InstalledVersion": "12.0.3", 67 "FixedVersion": "13.0.1", 68 "Status": "fixed", 69 "Layer": {}, 70 "SeveritySource": "ghsa", 71 "PrimaryURL": "https://github.com/advisories/GHSA-5crp-9r3c-p9vr", 72 "DataSource": { 73 "ID": "ghsa", 74 "Name": "GitHub Security Advisory Nuget", 75 "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anuget" 76 }, 77 "Title": "Improper Handling of Exceptional Conditions in Newtonsoft.Json", 78 "Description": "Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of expressions with high nesting level that lead to StackOverFlow exception or high CPU and RAM usage.", 79 "Severity": "HIGH", 80 "CweIDs": [ 81 "CWE-755" 82 ], 83 "VendorSeverity": { 84 "ghsa": 3 85 }, 86 "CVSS": { 87 "ghsa": { 88 "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", 89 "V3Score": 7.5 90 } 91 }, 92 "References": [ 93 "https://alephsecurity.com/2018/10/22/StackOverflowException/", 94 "https://alephsecurity.com/vulns/aleph-2018004" 95 ], 96 "PublishedDate": "2022-06-22T15:08:47Z", 97 "LastModifiedDate": "2022-06-27T18:37:23Z" 98 } 99 ] 100 } 101 ] 102 }