github.com/wolfi-dev/wolfictl@v0.16.11/pkg/configs/advisory/v2/testdata/full.advisories.yaml (about) 1 schema-version: 2.0.2 2 3 package: 4 name: full 5 6 advisories: 7 - id: CVE-2000-0001 8 aliases: 9 - GHSA-xxxx-xxxx-xxx9 10 - GO-2000-0001 11 events: 12 - timestamp: 2000-01-01T00:00:00Z 13 type: detection 14 data: 15 type: manual 16 - timestamp: 2000-01-01T00:00:00Z 17 type: detection 18 data: 19 type: nvdapi 20 data: 21 cpeSearched: cpe:2.3:a:*:tinyxml:*:*:*:*:*:*:*:* 22 cpeFound: cpe:2.3:a:tinyxml_project:tinyxml:*:*:*:*:*:*:*:* 23 - timestamp: 2000-01-01T00:00:00Z 24 type: detection 25 data: 26 type: scan/v1 27 data: 28 subpackageName: test-sub 29 componentID: fe8053a3adedc5d0 30 componentName: github.com/docker/distribution 31 componentVersion: v2.8.1+incompatible 32 componentType: go-module 33 componentLocation: /usr/bin/crane 34 scanner: grype 35 - timestamp: 2000-01-01T00:00:00Z 36 type: true-positive-determination 37 data: 38 note: Something something true positive. 39 - timestamp: 2000-01-01T00:00:00Z 40 type: false-positive-determination 41 data: 42 type: vulnerability-record-analysis-contested 43 note: Something something false positive. 44 - timestamp: 2000-01-01T00:00:00Z 45 type: false-positive-determination 46 data: 47 type: component-vulnerability-mismatch 48 note: Something something false positive. 49 - timestamp: 2000-01-01T00:00:00Z 50 type: false-positive-determination 51 data: 52 type: vulnerable-code-version-not-used 53 note: Something something false positive. 54 - timestamp: 2000-01-01T00:00:00Z 55 type: false-positive-determination 56 data: 57 type: vulnerable-code-not-included-in-package 58 note: Something something false positive. 59 - timestamp: 2000-01-01T00:00:00Z 60 type: false-positive-determination 61 data: 62 type: vulnerable-code-not-in-execution-path 63 note: Something something false positive. 64 - timestamp: 2000-01-01T00:00:00Z 65 type: false-positive-determination 66 data: 67 type: vulnerable-code-cannot-be-controlled-by-adversary 68 note: Something something false positive. 69 - timestamp: 2000-01-01T00:00:00Z 70 type: false-positive-determination 71 data: 72 type: inline-mitigations-exist 73 note: Something something false positive. 74 - timestamp: 2000-01-01T00:00:00Z 75 type: fixed 76 data: 77 fixed-version: 1.2.3-r4 78 - timestamp: 2000-01-01T00:00:00Z 79 type: analysis-not-planned 80 data: 81 note: Something something analysis not planned. 82 - timestamp: 2000-01-01T00:00:00Z 83 type: fix-not-planned 84 data: 85 note: Something something fix not planned. 86 - timestamp: 2000-01-01T00:00:00Z 87 type: pending-upstream-fix 88 data: 89 note: Something something pending upstream fix.