Skip to content

Commit

Permalink
fix: adds fp label for rpm-based kernel headers matches on upstream k…
Browse files Browse the repository at this point in the history
…ernel package (#132)

Signed-off-by: Zach Hill <[email protected]>
  • Loading branch information
zhill authored Apr 15, 2024
1 parent a535b74 commit a30d23c
Showing 1 changed file with 1 addition and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"ID": "ea8cd2c4-ab7a-421a-94bd-c6957f2bbd5b", "effective_cve": "CVE-2021-33655", "image": {"exact": "docker.io/anchore/test_images@sha256:cf742eca189b02902a0a7926ac3fbb423e799937bf4358b0d2acc6cc36ab82aa"}, "label": "FP", "note": "This is now ignored by default as a false positive since the kernel-headers package does not have kernel code in it. Vulnerabilities against the upstream kernel package are for the kernel code itself, not the headers", "package": {"name": "kernel-headers", "version": "4.14.275-207.503.amzn2"}, "timestamp": "2024-04-11T07:13:53.305047+00:00", "tool": "[email protected]", "user": "zhill", "vulnerability_id": "CVE-2021-33655"}

0 comments on commit a30d23c

Please sign in to comment.