diff --git a/Makefile b/Makefile index b3a1d919..e64be103 100644 --- a/Makefile +++ b/Makefile @@ -111,6 +111,7 @@ lint-fix: virtual-env-check ## Fix linting issues (ruff) .PHONY: format format: virtual-env-check ## Format all code (black) black src tests + poetry run python scripts/format-json-snapshots.py .PHONY: check-types check-types: virtual-env-check ## Run type checks (mypy) diff --git a/scripts/__init__.py b/scripts/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/scripts/format-json-snapshots.py b/scripts/format-json-snapshots.py new file mode 100644 index 00000000..066a317d --- /dev/null +++ b/scripts/format-json-snapshots.py @@ -0,0 +1,35 @@ +import os + +import orjson + +root_directory = "tests/unit/providers" + + +def pretty_print_json_file(file_path): + try: + with open(file_path, "rb") as file: + existing = file.read() + data = orjson.loads(existing) + + formatted = orjson.dumps( + data, + option=orjson.OPT_INDENT_2 | orjson.OPT_SORT_KEYS | orjson.OPT_APPEND_NEWLINE) + if formatted == existing: + return + + with open(file_path, "wb") as file: + file.write(formatted) + print(f"Formatted: {file_path}") + except (OSError, orjson.JSONDecodeError) as e: + print(f"Error processing {file_path}: {e}") + + +def main(): + for dirpath, _, filenames in os.walk(root_directory): + if "test-fixtures/snapshots" in dirpath: + for filename in filenames: + if filename.endswith(".json"): + file_path = os.path.join(dirpath, filename) + pretty_print_json_file(file_path) + + print("JSON formatting complete.") diff --git a/tests/conftest.py b/tests/conftest.py index 3c16d81a..8724e019 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -9,6 +9,7 @@ import shutil import jsonschema +import orjson import pytest @@ -93,7 +94,11 @@ def assert_result_snapshots(self): if not self.snapshot._snapshot_update and not os.path.exists(snapshot_abs_path): missing_snapshot_files.append(snapshot_abs_path) else: - self.snapshot.assert_match(f.read() + "\n", snapshot_path) + d = orjson.loads(f.read()) + expected_bytes = orjson.dumps( + d, option=orjson.OPT_APPEND_NEWLINE | orjson.OPT_INDENT_2 | orjson.OPT_SORT_KEYS + ) + self.snapshot.assert_match(expected_bytes, snapshot_path) if snapshot_abs_path in expected_files_to_test: expected_files_to_test.remove(snapshot_abs_path) diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1071.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1071.json index 2076b5fd..8dfbd37d 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1071.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1071.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2018-1071","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zsh","Version":"5.4.2-r1"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-1071","Description":"","Metadata":{},"Name":"CVE-2018-1071","CVSS":[]}}} +{ + "identifier": "3.15/cve-2018-1071", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zsh", + "NamespaceName": "alpine:3.15", + "Version": "5.4.2-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-1071", + "Metadata": {}, + "Name": "CVE-2018-1071", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1083.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1083.json index 37d2f61a..b5a74c86 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1083.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-1083.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2018-1083","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zsh","Version":"5.4.2-r1"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-1083","Description":"","Metadata":{},"Name":"CVE-2018-1083","CVSS":[]}}} +{ + "identifier": "3.15/cve-2018-1083", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zsh", + "NamespaceName": "alpine:3.15", + "Version": "5.4.2-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-1083", + "Metadata": {}, + "Name": "CVE-2018-1083", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-25032.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-25032.json index 91471002..3cf00b63 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-25032.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2018-25032.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2018-25032","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zlib","Version":"1.2.12-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-25032","Description":"","Metadata":{},"Name":"CVE-2018-25032","CVSS":[]}}} +{ + "identifier": "3.15/cve-2018-25032", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zlib", + "NamespaceName": "alpine:3.15", + "Version": "1.2.12-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "Metadata": {}, + "Name": "CVE-2018-25032", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-11922.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-11922.json index ae08b498..7d060f8d 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-11922.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-11922.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2019-11922","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zstd","Version":"1.3.8-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-11922","Description":"","Metadata":{},"Name":"CVE-2019-11922","CVSS":[]}}} +{ + "identifier": "3.15/cve-2019-11922", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zstd", + "NamespaceName": "alpine:3.15", + "Version": "1.3.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-11922", + "Metadata": {}, + "Name": "CVE-2019-11922", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-13132.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-13132.json index 274fe215..109e7bde 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-13132.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-13132.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2019-13132","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zeromq","Version":"4.3.2-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-13132","Description":"","Metadata":{},"Name":"CVE-2019-13132","CVSS":[]}}} +{ + "identifier": "3.15/cve-2019-13132", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zeromq", + "NamespaceName": "alpine:3.15", + "Version": "4.3.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-13132", + "Metadata": {}, + "Name": "CVE-2019-13132", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-20044.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-20044.json index 79e9375e..31f62bdb 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-20044.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-20044.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2019-20044","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zsh","Version":"5.8-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-20044","Description":"","Metadata":{},"Name":"CVE-2019-20044","CVSS":[]}}} +{ + "identifier": "3.15/cve-2019-20044", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zsh", + "NamespaceName": "alpine:3.15", + "Version": "5.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-20044", + "Metadata": {}, + "Name": "CVE-2019-20044", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-6250.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-6250.json index 93c5f00b..bab1fbb8 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-6250.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-6250.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2019-6250","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zeromq","Version":"4.3.1-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6250","Description":"","Metadata":{},"Name":"CVE-2019-6250","CVSS":[]}}} +{ + "identifier": "3.15/cve-2019-6250", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zeromq", + "NamespaceName": "alpine:3.15", + "Version": "4.3.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6250", + "Metadata": {}, + "Name": "CVE-2019-6250", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-9210.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-9210.json index a99801a0..c8b4d014 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-9210.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2019-9210.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2019-9210","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"advancecomp","Version":"2.1-r2"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-9210","Description":"","Metadata":{},"Name":"CVE-2019-9210","CVSS":[]}}} +{ + "identifier": "3.15/cve-2019-9210", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "advancecomp", + "NamespaceName": "alpine:3.15", + "Version": "2.1-r2", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-9210", + "Metadata": {}, + "Name": "CVE-2019-9210", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-14929.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-14929.json index b3907106..0e253114 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-14929.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-14929.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2020-14929","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"alpine","Version":"2.23-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-14929","Description":"","Metadata":{},"Name":"CVE-2020-14929","CVSS":[]}}} +{ + "identifier": "3.15/cve-2020-14929", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "alpine", + "NamespaceName": "alpine:3.15", + "Version": "2.23-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-14929", + "Metadata": {}, + "Name": "CVE-2020-14929", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-15166.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-15166.json index ea242318..23d60fa7 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-15166.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2020-15166.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2020-15166","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zeromq","Version":"4.3.3-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-15166","Description":"","Metadata":{},"Name":"CVE-2020-15166","CVSS":[]}}} +{ + "identifier": "3.15/cve-2020-15166", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zeromq", + "NamespaceName": "alpine:3.15", + "Version": "4.3.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-15166", + "Metadata": {}, + "Name": "CVE-2020-15166", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24031.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24031.json index c089014e..74bee967 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24031.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24031.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2021-24031","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zstd","Version":"1.4.1-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-24031","Description":"","Metadata":{},"Name":"CVE-2021-24031","CVSS":[]}}} +{ + "identifier": "3.15/cve-2021-24031", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zstd", + "NamespaceName": "alpine:3.15", + "Version": "1.4.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-24031", + "Metadata": {}, + "Name": "CVE-2021-24031", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24032.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24032.json index 2251384a..00f5b842 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24032.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-24032.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2021-24032","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zstd","Version":"1.4.9-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-24032","Description":"","Metadata":{},"Name":"CVE-2021-24032","CVSS":[]}}} +{ + "identifier": "3.15/cve-2021-24032", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zstd", + "NamespaceName": "alpine:3.15", + "Version": "1.4.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-24032", + "Metadata": {}, + "Name": "CVE-2021-24032", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-38370.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-38370.json index c4cbf2d4..143b1e41 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-38370.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-38370.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2021-38370","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"alpine","Version":"2.25-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-38370","Description":"","Metadata":{},"Name":"CVE-2021-38370","CVSS":[]}}} +{ + "identifier": "3.15/cve-2021-38370", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "alpine", + "NamespaceName": "alpine:3.15", + "Version": "2.25-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-38370", + "Metadata": {}, + "Name": "CVE-2021-38370", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-45444.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-45444.json index 6897e6bd..6dab55bf 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-45444.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2021-45444.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2021-45444","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zsh","Version":"5.8.1-r0"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-45444","Description":"","Metadata":{},"Name":"CVE-2021-45444","CVSS":[]}}} +{ + "identifier": "3.15/cve-2021-45444", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zsh", + "NamespaceName": "alpine:3.15", + "Version": "5.8.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-45444", + "Metadata": {}, + "Name": "CVE-2021-45444", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-1271.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-1271.json index 3e21b111..e5a8ac3f 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-1271.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-1271.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2022-1271","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"xz","Version":"5.2.5-r1"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-1271","Description":"","Metadata":{},"Name":"CVE-2022-1271","CVSS":[]}}} +{ + "identifier": "3.15/cve-2022-1271", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "xz", + "NamespaceName": "alpine:3.15", + "Version": "5.2.5-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-1271", + "Metadata": {}, + "Name": "CVE-2022-1271", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-37434.json b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-37434.json index eae7f45c..da04a12a 100644 --- a/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-37434.json +++ b/tests/unit/providers/alpine/test-fixtures/snapshots/3.15/cve-2022-37434.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"3.15/cve-2022-37434","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"alpine:3.15","FixedIn":[{"VersionFormat":"apk","NamespaceName":"alpine:3.15","Name":"zlib","Version":"1.2.12-r2"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-37434","Description":"","Metadata":{},"Name":"CVE-2022-37434","CVSS":[]}}} +{ + "identifier": "3.15/cve-2022-37434", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zlib", + "NamespaceName": "alpine:3.15", + "Version": "1.2.12-r2", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "Metadata": {}, + "Name": "CVE-2022-37434", + "NamespaceName": "alpine:3.15", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2/alas-2018-939.json b/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2/alas-2018-939.json index 6a592b4a..5f79e886 100644 --- a/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2/alas-2018-939.json +++ b/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2/alas-2018-939.json @@ -1 +1,103 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"amzn:2/alas-2018-939","item":{"Vulnerability":{"Description":"An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously incorporated Kernel Page Table Isolation (KPTI) that addressed CVE-2017-5754. Customers must upgrade to the latest Amazon Linux kernel or AMI to effectively mitigate the impact of both CVE-2017-5754 and CVE-2017-5715 on MMU privilege separation (kernel mode vs. user mode) within their instance.Customers with existing Amazon Linux AMI instances should run the following command to ensure they receive the updated package:sudo yum update kernelAs is standard per any update of the Linux kernel, after the yum update is complete, a reboot is required for updates to take effect.Please refer to https://aws.amazon.com/security/security-bulletins/AWS-2018-013/ for additional information regarding CVE-2017-5754.Updated on 2018-01-06: Additional KPTI improvements.Updated on 2018-01-09: Updated detailsUpdated on 2018-01-13: Additional fixes for CVE-2017-5715","FixedIn":[{"Name":"kernel","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-debuginfo","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-debuginfo-common-x86_64","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-devel","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-doc","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-headers","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-tools","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-tools-debuginfo","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"kernel-tools-devel","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"perf","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"perf-debuginfo","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"python-perf","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"},{"Name":"python-perf-debuginfo","NamespaceName":"amzn:2","Version":"4.9.76-38.79.amzn2","VersionFormat":"rpm"}],"Link":"https://alas.aws.amazon.com/AL2/ALAS-2018-939.html","Metadata":{"CVE":[{"Name":"CVE-2017-5715"},{"Name":"CVE-2017-5754"}]},"Name":"ALAS-2018-939","NamespaceName":"amzn:2","Severity":"Critical"}}} +{ + "identifier": "amzn:2/alas-2018-939", + "item": { + "Vulnerability": { + "Description": "An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously incorporated Kernel Page Table Isolation (KPTI) that addressed CVE-2017-5754. Customers must upgrade to the latest Amazon Linux kernel or AMI to effectively mitigate the impact of both CVE-2017-5754 and CVE-2017-5715 on MMU privilege separation (kernel mode vs. user mode) within their instance.Customers with existing Amazon Linux AMI instances should run the following command to ensure they receive the updated package:sudo yum update kernelAs is standard per any update of the Linux kernel, after the yum update is complete, a reboot is required for updates to take effect.Please refer to https://aws.amazon.com/security/security-bulletins/AWS-2018-013/ for additional information regarding CVE-2017-5754.Updated on 2018-01-06: Additional KPTI improvements.Updated on 2018-01-09: Updated detailsUpdated on 2018-01-13: Additional fixes for CVE-2017-5715", + "FixedIn": [ + { + "Name": "kernel", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-debuginfo", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-debuginfo-common-x86_64", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-devel", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-doc", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-headers", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-tools", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-tools-debuginfo", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "kernel-tools-devel", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "perf", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "perf-debuginfo", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "python-perf", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + }, + { + "Name": "python-perf-debuginfo", + "NamespaceName": "amzn:2", + "Version": "4.9.76-38.79.amzn2", + "VersionFormat": "rpm" + } + ], + "Link": "https://alas.aws.amazon.com/AL2/ALAS-2018-939.html", + "Metadata": { + "CVE": [ + { + "Name": "CVE-2017-5715" + }, + { + "Name": "CVE-2017-5754" + } + ] + }, + "Name": "ALAS-2018-939", + "NamespaceName": "amzn:2", + "Severity": "Critical" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2022/alas-2021-001.json b/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2022/alas-2021-001.json index 780af0c3..d80e149b 100644 --- a/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2022/alas-2021-001.json +++ b/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2022/alas-2021-001.json @@ -1 +1,109 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"amzn:2022/alas-2021-001","item":{"Vulnerability":{"Description":"A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3778)A use-after-free vulnerability in vim could allow an attacker to input a specially crafted file leading to memory corruption and a potentially exploitable crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3796)An out-of-bounds write flaw was found in vim's drawscreen.c win_redr_status() function. This flaw allows an attacker to trick a user to open a crafted file with specific arguments in vim, triggering an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. (CVE-2021-3872)There's an out-of-bounds read flaw in Vim's ex_docmd.c. An attacker who is capable of tricking a user into opening a specially crafted file could trigger an out-of-bounds read on a memmove operation, potentially causing an impact to application availability. (CVE-2021-3875)","FixedIn":[{"Name":"vim","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-X11","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-X11-debuginfo","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-common","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-common-debuginfo","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-debuginfo","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-debugsource","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-default-editor","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-enhanced","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-enhanced-debuginfo","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-filesystem","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-minimal","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"},{"Name":"vim-minimal-debuginfo","NamespaceName":"amzn:2022","Version":"8.2.3512-1.amzn2022","VersionFormat":"rpm"}],"Link":"https://alas.aws.amazon.com/AL2022/ALAS-2021-001.html","Metadata":{"CVE":[{"Name":"CVE-2021-3778"},{"Name":"CVE-2021-3796"},{"Name":"CVE-2021-3872"},{"Name":"CVE-2021-3875"}]},"Name":"ALAS-2021-001","NamespaceName":"amzn:2022","Severity":"Medium"}}} +{ + "identifier": "amzn:2022/alas-2021-001", + "item": { + "Vulnerability": { + "Description": "A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3778)A use-after-free vulnerability in vim could allow an attacker to input a specially crafted file leading to memory corruption and a potentially exploitable crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3796)An out-of-bounds write flaw was found in vim's drawscreen.c win_redr_status() function. This flaw allows an attacker to trick a user to open a crafted file with specific arguments in vim, triggering an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. (CVE-2021-3872)There's an out-of-bounds read flaw in Vim's ex_docmd.c. An attacker who is capable of tricking a user into opening a specially crafted file could trigger an out-of-bounds read on a memmove operation, potentially causing an impact to application availability. (CVE-2021-3875)", + "FixedIn": [ + { + "Name": "vim", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-X11", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-X11-debuginfo", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-common", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-common-debuginfo", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-debuginfo", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-debugsource", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-default-editor", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-enhanced", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-enhanced-debuginfo", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-filesystem", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-minimal", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + }, + { + "Name": "vim-minimal-debuginfo", + "NamespaceName": "amzn:2022", + "Version": "8.2.3512-1.amzn2022", + "VersionFormat": "rpm" + } + ], + "Link": "https://alas.aws.amazon.com/AL2022/ALAS-2021-001.html", + "Metadata": { + "CVE": [ + { + "Name": "CVE-2021-3778" + }, + { + "Name": "CVE-2021-3796" + }, + { + "Name": "CVE-2021-3872" + }, + { + "Name": "CVE-2021-3875" + } + ] + }, + "Name": "ALAS-2021-001", + "NamespaceName": "amzn:2022", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2023/alas-2023-126.json b/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2023/alas-2023-126.json index e0d3a88d..139bfc81 100644 --- a/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2023/alas-2023-126.json +++ b/tests/unit/providers/amazon/test-fixtures/snapshots/amzn:2023/alas-2023-126.json @@ -1 +1,94 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"amzn:2023/alas-2023-126","item":{"Vulnerability":{"Description":"A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root. (CVE-2022-3787)A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root. (CVE-2022-41973)multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR. (CVE-2022-41974)","FixedIn":[{"Name":"device-mapper-multipath","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"device-mapper-multipath-debuginfo","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"device-mapper-multipath-debugsource","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"device-mapper-multipath-devel","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"device-mapper-multipath-libs","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"device-mapper-multipath-libs-debuginfo","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"kpartx","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"kpartx-debuginfo","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"libdmmp","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"libdmmp-debuginfo","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"},{"Name":"libdmmp-devel","NamespaceName":"amzn:2023","Version":"0.8.7-16.amzn2023.0.1","VersionFormat":"rpm"}],"Link":"https://alas.aws.amazon.com/AL2023/ALAS-2023-126.html","Metadata":{"CVE":[{"Name":"CVE-2022-3787"},{"Name":"CVE-2022-41973"},{"Name":"CVE-2022-41974"}]},"Name":"ALAS-2023-126","NamespaceName":"amzn:2023","Severity":"High"}}} +{ + "identifier": "amzn:2023/alas-2023-126", + "item": { + "Vulnerability": { + "Description": "A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root. (CVE-2022-3787)A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root. (CVE-2022-41973)multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR. (CVE-2022-41974)", + "FixedIn": [ + { + "Name": "device-mapper-multipath", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "device-mapper-multipath-debuginfo", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "device-mapper-multipath-debugsource", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "device-mapper-multipath-devel", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "device-mapper-multipath-libs", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "device-mapper-multipath-libs-debuginfo", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "kpartx", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "kpartx-debuginfo", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "libdmmp", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "libdmmp-debuginfo", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + }, + { + "Name": "libdmmp-devel", + "NamespaceName": "amzn:2023", + "Version": "0.8.7-16.amzn2023.0.1", + "VersionFormat": "rpm" + } + ], + "Link": "https://alas.aws.amazon.com/AL2023/ALAS-2023-126.html", + "Metadata": { + "CVE": [ + { + "Name": "CVE-2022-3787" + }, + { + "Name": "CVE-2022-41973" + }, + { + "Name": "CVE-2022-41974" + } + ] + }, + "Name": "ALAS-2023-126", + "NamespaceName": "amzn:2023", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-2728.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-2728.json index 6773dc8f..bb303166 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-2728.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-2728.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2007-2728","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"php","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2007-2728","Description":"","Metadata":{},"Name":"CVE-2007-2728","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2007-2728", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "php", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2007-2728", + "Metadata": {}, + "Name": "CVE-2007-2728", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-3205.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-3205.json index f212e240..2b63da0a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-3205.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-3205.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2007-3205","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"php","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2007-3205","Description":"","Metadata":{},"Name":"CVE-2007-3205","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2007-3205", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "php", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2007-3205", + "Metadata": {}, + "Name": "CVE-2007-3205", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4559.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4559.json index f43f3290..f6050ff9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4559.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4559.json @@ -1 +1,35 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2007-4559","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"python-3.10","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"python-3.11","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"python-3.12","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2007-4559","Description":"","Metadata":{},"Name":"CVE-2007-4559","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2007-4559", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "python-3.10", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + }, + { + "Name": "python-3.11", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + }, + { + "Name": "python-3.12", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2007-4559", + "Metadata": {}, + "Name": "CVE-2007-4559", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4596.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4596.json index e21ce2de..8702e464 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4596.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2007-4596.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2007-4596","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"php","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2007-4596","Description":"","Metadata":{},"Name":"CVE-2007-4596","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2007-4596", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "php", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2007-4596", + "Metadata": {}, + "Name": "CVE-2007-4596", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2010-4756.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2010-4756.json index 20f84481..af6607f3 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2010-4756.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2010-4756.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2010-4756","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"glibc","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2010-4756","Description":"","Metadata":{},"Name":"CVE-2010-4756","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2010-4756", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2010-4756", + "Metadata": {}, + "Name": "CVE-2010-4756", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2102.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2102.json index c488b303..b82cd964 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2102.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2102.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2016-2102","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"haproxy","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2016-2102","Description":"","Metadata":{},"Name":"CVE-2016-2102","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2016-2102", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "haproxy", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2016-2102", + "Metadata": {}, + "Name": "CVE-2016-2102", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2781.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2781.json index 46c780ff..93e5164d 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2781.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-2781.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2016-2781","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"coreutils","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2016-2781","Description":"","Metadata":{},"Name":"CVE-2016-2781","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2016-2781", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "coreutils", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "Metadata": {}, + "Name": "CVE-2016-2781", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9131.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9131.json index cf125eb0..c34236df 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9131.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9131.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2016-9131","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2016-9131","Description":"","Metadata":{},"Name":"CVE-2016-9131","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2016-9131", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2016-9131", + "Metadata": {}, + "Name": "CVE-2016-9131", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9147.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9147.json index 2ec96588..d8c0cf9d 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9147.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9147.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2016-9147","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2016-9147","Description":"","Metadata":{},"Name":"CVE-2016-9147","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2016-9147", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2016-9147", + "Metadata": {}, + "Name": "CVE-2016-9147", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9444.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9444.json index 749d9d43..e44b8e11 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9444.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2016-9444.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2016-9444","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2016-9444","Description":"","Metadata":{},"Name":"CVE-2016-9444","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2016-9444", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2016-9444", + "Metadata": {}, + "Name": "CVE-2016-9444", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3136.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3136.json index a1d44217..9851c666 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3136.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3136.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2017-3136","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2017-3136","Description":"","Metadata":{},"Name":"CVE-2017-3136","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2017-3136", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2017-3136", + "Metadata": {}, + "Name": "CVE-2017-3136", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3137.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3137.json index 2434eb8e..969ebbcc 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3137.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3137.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2017-3137","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2017-3137","Description":"","Metadata":{},"Name":"CVE-2017-3137","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2017-3137", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2017-3137", + "Metadata": {}, + "Name": "CVE-2017-3137", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3138.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3138.json index 75a3c88e..06313002 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3138.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3138.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2017-3138","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2017-3138","Description":"","Metadata":{},"Name":"CVE-2017-3138","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2017-3138", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2017-3138", + "Metadata": {}, + "Name": "CVE-2017-3138", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3145.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3145.json index 10a671ef..85817e53 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3145.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-3145.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2017-3145","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2017-3145","Description":"","Metadata":{},"Name":"CVE-2017-3145","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2017-3145", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2017-3145", + "Metadata": {}, + "Name": "CVE-2017-3145", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-7507.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-7507.json index 9217f677..86a4041a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-7507.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-7507.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2017-7507","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2017-7507","Description":"","Metadata":{},"Name":"CVE-2017-7507","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2017-7507", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2017-7507", + "Metadata": {}, + "Name": "CVE-2017-7507", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-8806.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-8806.json index b24f47f5..2b9ed93e 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-8806.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2017-8806.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2017-8806","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"postgresql-15","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2017-8806","Description":"","Metadata":{},"Name":"CVE-2017-8806","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2017-8806", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "postgresql-15", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2017-8806", + "Metadata": {}, + "Name": "CVE-2017-8806", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-1000156.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-1000156.json index d3ee9102..cd0f2f70 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-1000156.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-1000156.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-1000156","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-1000156","Description":"","Metadata":{},"Name":"CVE-2018-1000156","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-1000156", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "chainguard:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-1000156", + "Metadata": {}, + "Name": "CVE-2018-1000156", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-12020.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-12020.json index 3cc7fadb..7db97f85 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-12020.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-12020.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-12020","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnupg","Version":"2.2.41-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-12020","Description":"","Metadata":{},"Name":"CVE-2018-12020","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-12020", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnupg", + "NamespaceName": "chainguard:rolling", + "Version": "2.2.41-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-12020", + "Metadata": {}, + "Name": "CVE-2018-12020", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-20969.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-20969.json index fe8cb783..923175c8 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-20969.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-20969.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-20969","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-20969","Description":"","Metadata":{},"Name":"CVE-2018-20969","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-20969", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "chainguard:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-20969", + "Metadata": {}, + "Name": "CVE-2018-20969", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-25032.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-25032.json index 4cc52d29..83d1bf46 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-25032.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-25032.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-25032","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"zlib","Version":"1.2.12-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-25032","Description":"","Metadata":{},"Name":"CVE-2018-25032","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-25032", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zlib", + "NamespaceName": "chainguard:rolling", + "Version": "1.2.12-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "Metadata": {}, + "Name": "CVE-2018-25032", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5736.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5736.json index b7e6152d..b86b22eb 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5736.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5736.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-5736","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-5736","Description":"","Metadata":{},"Name":"CVE-2018-5736","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-5736", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-5736", + "Metadata": {}, + "Name": "CVE-2018-5736", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5737.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5737.json index 4cc65076..006e1536 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5737.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5737.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-5737","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-5737","Description":"","Metadata":{},"Name":"CVE-2018-5737","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-5737", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-5737", + "Metadata": {}, + "Name": "CVE-2018-5737", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5738.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5738.json index ba8058c5..b0838872 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5738.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5738.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-5738","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-5738","Description":"","Metadata":{},"Name":"CVE-2018-5738","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-5738", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-5738", + "Metadata": {}, + "Name": "CVE-2018-5738", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5740.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5740.json index 754e4994..cc3905b9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5740.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5740.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-5740","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-5740","Description":"","Metadata":{},"Name":"CVE-2018-5740","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-5740", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-5740", + "Metadata": {}, + "Name": "CVE-2018-5740", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5743.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5743.json index a145cc81..e6feaf35 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5743.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5743.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-5743","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-5743","Description":"","Metadata":{},"Name":"CVE-2018-5743","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-5743", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-5743", + "Metadata": {}, + "Name": "CVE-2018-5743", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5744.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5744.json index df70ffe9..f5135b9f 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5744.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5744.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-5744","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-5744","Description":"","Metadata":{},"Name":"CVE-2018-5744","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-5744", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-5744", + "Metadata": {}, + "Name": "CVE-2018-5744", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5745.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5745.json index beae2123..2e016036 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5745.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-5745.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-5745","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-5745","Description":"","Metadata":{},"Name":"CVE-2018-5745","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-5745", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-5745", + "Metadata": {}, + "Name": "CVE-2018-5745", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6951.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6951.json index d82a3f48..9a70e214 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6951.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6951.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-6951","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-6951","Description":"","Metadata":{},"Name":"CVE-2018-6951","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-6951", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "chainguard:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-6951", + "Metadata": {}, + "Name": "CVE-2018-6951", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6952.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6952.json index cfe69fd7..850dcd69 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6952.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2018-6952.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2018-6952","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-6952","Description":"","Metadata":{},"Name":"CVE-2018-6952","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2018-6952", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "chainguard:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-6952", + "Metadata": {}, + "Name": "CVE-2018-6952", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010022.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010022.json index ab7a2cc4..cfda1357 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010022.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010022.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-1010022","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"glibc","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-1010022","Description":"","Metadata":{},"Name":"CVE-2019-1010022","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-1010022", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-1010022", + "Metadata": {}, + "Name": "CVE-2019-1010022", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010023.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010023.json index e1364a88..77ac2333 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010023.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010023.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-1010023","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"glibc","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-1010023","Description":"","Metadata":{},"Name":"CVE-2019-1010023","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-1010023", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-1010023", + "Metadata": {}, + "Name": "CVE-2019-1010023", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010024.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010024.json index 9b1c43cd..3917a127 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010024.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010024.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-1010024","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"glibc","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-1010024","Description":"","Metadata":{},"Name":"CVE-2019-1010024","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-1010024", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-1010024", + "Metadata": {}, + "Name": "CVE-2019-1010024", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010025.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010025.json index 570745df..8a6da867 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010025.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-1010025.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-1010025","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"glibc","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-1010025","Description":"","Metadata":{},"Name":"CVE-2019-1010025","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-1010025", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-1010025", + "Metadata": {}, + "Name": "CVE-2019-1010025", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-12290.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-12290.json index 55f33841..3096fcf3 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-12290.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-12290.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-12290","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libidn2","Version":"2.3.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-12290","Description":"","Metadata":{},"Name":"CVE-2019-12290","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-12290", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libidn2", + "NamespaceName": "chainguard:rolling", + "Version": "2.3.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-12290", + "Metadata": {}, + "Name": "CVE-2019-12290", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13636.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13636.json index 400a855e..01b2e237 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13636.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13636.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-13636","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-13636","Description":"","Metadata":{},"Name":"CVE-2019-13636","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-13636", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "chainguard:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-13636", + "Metadata": {}, + "Name": "CVE-2019-13636", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13638.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13638.json index 7f4d7192..ebee373d 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13638.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-13638.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-13638","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-13638","Description":"","Metadata":{},"Name":"CVE-2019-13638","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-13638", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "chainguard:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-13638", + "Metadata": {}, + "Name": "CVE-2019-13638", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-14855.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-14855.json index ffacf9d1..5a4b6586 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-14855.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-14855.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-14855","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnupg","Version":"2.2.41-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-14855","Description":"","Metadata":{},"Name":"CVE-2019-14855","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-14855", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnupg", + "NamespaceName": "chainguard:rolling", + "Version": "2.2.41-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-14855", + "Metadata": {}, + "Name": "CVE-2019-14855", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-18224.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-18224.json index c9b8a131..9da90c40 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-18224.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-18224.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-18224","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libidn2","Version":"2.3.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-18224","Description":"","Metadata":{},"Name":"CVE-2019-18224","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-18224", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libidn2", + "NamespaceName": "chainguard:rolling", + "Version": "2.3.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-18224", + "Metadata": {}, + "Name": "CVE-2019-18224", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-20633.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-20633.json index cdb9d5a3..76cc9326 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-20633.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-20633.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-20633","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-20633","Description":"","Metadata":{},"Name":"CVE-2019-20633","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-20633", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "chainguard:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-20633", + "Metadata": {}, + "Name": "CVE-2019-20633", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3829.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3829.json index ee6e34d1..6088292e 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3829.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3829.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-3829","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-3829","Description":"","Metadata":{},"Name":"CVE-2019-3829","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-3829", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-3829", + "Metadata": {}, + "Name": "CVE-2019-3829", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3836.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3836.json index 8d99c669..4417f234 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3836.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-3836.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-3836","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-3836","Description":"","Metadata":{},"Name":"CVE-2019-3836","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-3836", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-3836", + "Metadata": {}, + "Name": "CVE-2019-3836", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6293.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6293.json index dc7329dd..16e452df 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6293.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6293.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6293","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"flex","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6293","Description":"","Metadata":{},"Name":"CVE-2019-6293","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6293", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "flex", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6293", + "Metadata": {}, + "Name": "CVE-2019-6293", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6465.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6465.json index 9cf973e2..f790b6ef 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6465.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6465.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6465","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6465","Description":"","Metadata":{},"Name":"CVE-2019-6465","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6465", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6465", + "Metadata": {}, + "Name": "CVE-2019-6465", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6467.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6467.json index 5ddecd25..4e380134 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6467.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6467.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6467","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6467","Description":"","Metadata":{},"Name":"CVE-2019-6467","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6467", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6467", + "Metadata": {}, + "Name": "CVE-2019-6467", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6470.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6470.json index ec193f2b..ec25f455 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6470.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6470.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6470","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6470","Description":"","Metadata":{},"Name":"CVE-2019-6470","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6470", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6470", + "Metadata": {}, + "Name": "CVE-2019-6470", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6471.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6471.json index 84acefd5..6e9d4e2b 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6471.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6471.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6471","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6471","Description":"","Metadata":{},"Name":"CVE-2019-6471","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6471", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6471", + "Metadata": {}, + "Name": "CVE-2019-6471", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6475.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6475.json index 7263b9e4..911349c4 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6475.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6475.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6475","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6475","Description":"","Metadata":{},"Name":"CVE-2019-6475","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6475", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6475", + "Metadata": {}, + "Name": "CVE-2019-6475", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6476.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6476.json index 57a6a117..8a74ec07 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6476.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6476.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6476","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6476","Description":"","Metadata":{},"Name":"CVE-2019-6476","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6476", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6476", + "Metadata": {}, + "Name": "CVE-2019-6476", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6477.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6477.json index 667a6c62..34f94767 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6477.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6477.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6477","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6477","Description":"","Metadata":{},"Name":"CVE-2019-6477","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6477", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6477", + "Metadata": {}, + "Name": "CVE-2019-6477", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6706.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6706.json index 3d428a54..111d3c06 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6706.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2019-6706.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2019-6706","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"lua5.4","Version":"5.4.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6706","Description":"","Metadata":{},"Name":"CVE-2019-6706","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2019-6706", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "lua5.4", + "NamespaceName": "chainguard:rolling", + "Version": "5.4.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6706", + "Metadata": {}, + "Name": "CVE-2019-6706", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-10735.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-10735.json index 361329b9..dd750659 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-10735.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-10735.json @@ -1 +1,35 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-10735","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"python-3.10","Version":"3.10.9-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"python-3.11","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"python-3.12","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-10735","Description":"","Metadata":{},"Name":"CVE-2020-10735","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-10735", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "python-3.10", + "NamespaceName": "chainguard:rolling", + "Version": "3.10.9-r0", + "VersionFormat": "apk" + }, + { + "Name": "python-3.11", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + }, + { + "Name": "python-3.12", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-10735", + "Metadata": {}, + "Name": "CVE-2020-10735", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-11501.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-11501.json index 6ddcf129..d80ecbfb 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-11501.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-11501.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-11501","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-11501","Description":"","Metadata":{},"Name":"CVE-2020-11501","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-11501", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-11501", + "Metadata": {}, + "Name": "CVE-2020-11501", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-13777.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-13777.json index b165126c..cdcd18f5 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-13777.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-13777.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-13777","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-13777","Description":"","Metadata":{},"Name":"CVE-2020-13777","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-13777", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-13777", + "Metadata": {}, + "Name": "CVE-2020-13777", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-24659.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-24659.json index a16d34b5..f2d2f71d 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-24659.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-24659.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-24659","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-24659","Description":"","Metadata":{},"Name":"CVE-2020-24659","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-24659", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-24659", + "Metadata": {}, + "Name": "CVE-2020-24659", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-25125.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-25125.json index 9c288a83..285dac33 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-25125.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-25125.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-25125","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnupg","Version":"2.2.41-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-25125","Description":"","Metadata":{},"Name":"CVE-2020-25125","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-25125", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnupg", + "NamespaceName": "chainguard:rolling", + "Version": "2.2.41-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-25125", + "Metadata": {}, + "Name": "CVE-2020-25125", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29509.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29509.json index 98b50f1e..1588fc66 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29509.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29509.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-29509","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"go-1.19","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"go-1.20","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-29509","Description":"","Metadata":{},"Name":"CVE-2020-29509","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-29509", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go-1.19", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + }, + { + "Name": "go-1.20", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-29509", + "Metadata": {}, + "Name": "CVE-2020-29509", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29511.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29511.json index 697a5021..2a633957 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29511.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-29511.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-29511","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"go-1.20","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-29511","Description":"","Metadata":{},"Name":"CVE-2020-29511","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-29511", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go-1.20", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-29511", + "Metadata": {}, + "Name": "CVE-2020-29511", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8616.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8616.json index e0e41fdb..6e27d84d 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8616.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8616.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8616","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8616","Description":"","Metadata":{},"Name":"CVE-2020-8616","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8616", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8616", + "Metadata": {}, + "Name": "CVE-2020-8616", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8617.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8617.json index 32acd7b0..fc862067 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8617.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8617.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8617","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8617","Description":"","Metadata":{},"Name":"CVE-2020-8617","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8617", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8617", + "Metadata": {}, + "Name": "CVE-2020-8617", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8618.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8618.json index 2112f14e..7b948354 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8618.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8618.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8618","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8618","Description":"","Metadata":{},"Name":"CVE-2020-8618","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8618", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8618", + "Metadata": {}, + "Name": "CVE-2020-8618", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8619.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8619.json index c2c2e545..f06843ed 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8619.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8619.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8619","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8619","Description":"","Metadata":{},"Name":"CVE-2020-8619","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8619", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8619", + "Metadata": {}, + "Name": "CVE-2020-8619", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8620.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8620.json index 9ff48a16..3a968295 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8620.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8620.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8620","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8620","Description":"","Metadata":{},"Name":"CVE-2020-8620","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8620", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8620", + "Metadata": {}, + "Name": "CVE-2020-8620", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8621.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8621.json index d04985f3..09d9dd27 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8621.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8621.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8621","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8621","Description":"","Metadata":{},"Name":"CVE-2020-8621","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8621", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8621", + "Metadata": {}, + "Name": "CVE-2020-8621", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8622.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8622.json index 79049690..0f61624a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8622.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8622.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8622","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8622","Description":"","Metadata":{},"Name":"CVE-2020-8622","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8622", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8622", + "Metadata": {}, + "Name": "CVE-2020-8622", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8623.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8623.json index 455f9432..8c63aecb 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8623.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8623.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8623","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8623","Description":"","Metadata":{},"Name":"CVE-2020-8623","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8623", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8623", + "Metadata": {}, + "Name": "CVE-2020-8623", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8624.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8624.json index b74ea002..2a33c839 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8624.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8624.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8624","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8624","Description":"","Metadata":{},"Name":"CVE-2020-8624","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8624", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8624", + "Metadata": {}, + "Name": "CVE-2020-8624", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8625.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8625.json index 0287d1c1..d1e3cfe4 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8625.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8625.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8625","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8625","Description":"","Metadata":{},"Name":"CVE-2020-8625","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8625", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8625", + "Metadata": {}, + "Name": "CVE-2020-8625", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8927.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8927.json index 5c8e96b6..527911b6 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8927.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2020-8927.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2020-8927","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"brotli","Version":"1.0.9-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8927","Description":"","Metadata":{},"Name":"CVE-2020-8927","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2020-8927", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "brotli", + "NamespaceName": "chainguard:rolling", + "Version": "1.0.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8927", + "Metadata": {}, + "Name": "CVE-2020-8927", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20231.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20231.json index 668d2546..3df2f9e1 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20231.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20231.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-20231","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-20231","Description":"","Metadata":{},"Name":"CVE-2021-20231","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-20231", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-20231", + "Metadata": {}, + "Name": "CVE-2021-20231", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20232.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20232.json index 2295d4d4..a6d3bad2 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20232.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20232.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-20232","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-20232","Description":"","Metadata":{},"Name":"CVE-2021-20232","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-20232", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-20232", + "Metadata": {}, + "Name": "CVE-2021-20232", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20305.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20305.json index 2aee9068..0f98d954 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20305.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-20305.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-20305","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"nettle","Version":"3.8.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-20305","Description":"","Metadata":{},"Name":"CVE-2021-20305","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-20305", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "nettle", + "NamespaceName": "chainguard:rolling", + "Version": "3.8.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-20305", + "Metadata": {}, + "Name": "CVE-2021-20305", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25214.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25214.json index 8ac7492f..6a48906a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25214.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25214.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-25214","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-25214","Description":"","Metadata":{},"Name":"CVE-2021-25214","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-25214", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-25214", + "Metadata": {}, + "Name": "CVE-2021-25214", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25215.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25215.json index 9ef013a6..920f1327 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25215.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25215.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-25215","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-25215","Description":"","Metadata":{},"Name":"CVE-2021-25215","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-25215", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-25215", + "Metadata": {}, + "Name": "CVE-2021-25215", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25216.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25216.json index a9617842..ba61a0f3 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25216.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25216.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-25216","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-25216","Description":"","Metadata":{},"Name":"CVE-2021-25216","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-25216", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-25216", + "Metadata": {}, + "Name": "CVE-2021-25216", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25218.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25218.json index be96fb83..976886ae 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25218.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25218.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-25218","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-25218","Description":"","Metadata":{},"Name":"CVE-2021-25218","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-25218", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-25218", + "Metadata": {}, + "Name": "CVE-2021-25218", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25219.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25219.json index 5b4fc36d..6d755b08 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25219.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25219.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-25219","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-25219","Description":"","Metadata":{},"Name":"CVE-2021-25219","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-25219", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-25219", + "Metadata": {}, + "Name": "CVE-2021-25219", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25220.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25220.json index 71a7f94f..e2e3659d 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25220.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-25220.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-25220","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-25220","Description":"","Metadata":{},"Name":"CVE-2021-25220","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-25220", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-25220", + "Metadata": {}, + "Name": "CVE-2021-25220", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30218.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30218.json index 5242d0b6..56f8c65e 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30218.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30218.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-30218","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"samurai","Version":"1.2-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-30218","Description":"","Metadata":{},"Name":"CVE-2021-30218","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-30218", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "samurai", + "NamespaceName": "chainguard:rolling", + "Version": "1.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-30218", + "Metadata": {}, + "Name": "CVE-2021-30218", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30219.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30219.json index 0ad4d24c..6b101b4e 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30219.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-30219.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-30219","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"samurai","Version":"1.2-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-30219","Description":"","Metadata":{},"Name":"CVE-2021-30219","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-30219", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "samurai", + "NamespaceName": "chainguard:rolling", + "Version": "1.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-30219", + "Metadata": {}, + "Name": "CVE-2021-30219", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3121.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3121.json index a34a0bc1..bf6a4a1d 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3121.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3121.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-3121","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"protobuf-c","Version":"1.4.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-3121","Description":"","Metadata":{},"Name":"CVE-2021-3121","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-3121", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "protobuf-c", + "NamespaceName": "chainguard:rolling", + "Version": "1.4.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-3121", + "Metadata": {}, + "Name": "CVE-2021-3121", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-33621.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-33621.json index aa423b76..546b713f 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-33621.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-33621.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-33621","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"ruby-3.0","Version":"3.0.5-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-33621","Description":"","Metadata":{},"Name":"CVE-2021-33621","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-33621", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "ruby-3.0", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.5-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-33621", + "Metadata": {}, + "Name": "CVE-2021-33621", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3580.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3580.json index 4ecad0c0..8d743b27 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3580.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-3580.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-3580","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"nettle","Version":"3.8.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-3580","Description":"","Metadata":{},"Name":"CVE-2021-3580","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-3580", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "nettle", + "NamespaceName": "chainguard:rolling", + "Version": "3.8.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-3580", + "Metadata": {}, + "Name": "CVE-2021-3580", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-36156.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-36156.json index a9142c94..d482cf48 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-36156.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-36156.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-36156","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"grafana","Version":"7.5.19-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-36156","Description":"","Metadata":{},"Name":"CVE-2021-36156","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-36156", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "grafana", + "NamespaceName": "chainguard:rolling", + "Version": "7.5.19-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-36156", + "Metadata": {}, + "Name": "CVE-2021-36156", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-41803.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-41803.json index a483be9b..5a233320 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-41803.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-41803.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-41803","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"traefik","Version":"2.9.8-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-41803","Description":"","Metadata":{},"Name":"CVE-2021-41803","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-41803", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "traefik", + "NamespaceName": "chainguard:rolling", + "Version": "2.9.8-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-41803", + "Metadata": {}, + "Name": "CVE-2021-41803", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-43618.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-43618.json index 9104904c..34bd5e86 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-43618.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-43618.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-43618","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gmp","Version":"6.2.1-r4","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-43618","Description":"","Metadata":{},"Name":"CVE-2021-43618","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-43618", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gmp", + "NamespaceName": "chainguard:rolling", + "Version": "6.2.1-r4", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "Metadata": {}, + "Name": "CVE-2021-43618", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-46848.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-46848.json index 40f901ac..b23d5f38 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-46848.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2021-46848.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2021-46848","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libtasn1","Version":"4.19.0-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-46848","Description":"","Metadata":{},"Name":"CVE-2021-46848","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2021-46848", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libtasn1", + "NamespaceName": "chainguard:rolling", + "Version": "4.19.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-46848", + "Metadata": {}, + "Name": "CVE-2021-46848", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0396.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0396.json index 4083c7f9..6eea41f9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0396.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0396.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-0396","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-0396","Description":"","Metadata":{},"Name":"CVE-2022-0396","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-0396", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-0396", + "Metadata": {}, + "Name": "CVE-2022-0396", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0543.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0543.json index d65b48ce..d83f80e0 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0543.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-0543.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-0543","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"redis","Version":"7.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-0543","Description":"","Metadata":{},"Name":"CVE-2022-0543","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-0543", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "redis", + "NamespaceName": "chainguard:rolling", + "Version": "7.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-0543", + "Metadata": {}, + "Name": "CVE-2022-0543", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1586.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1586.json index 99055647..de4b6f74 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1586.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1586.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-1586","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"pcre2","Version":"10.40-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-1586","Description":"","Metadata":{},"Name":"CVE-2022-1586","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-1586", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "pcre2", + "NamespaceName": "chainguard:rolling", + "Version": "10.40-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "Metadata": {}, + "Name": "CVE-2022-1586", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1587.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1587.json index a6975b01..88f2617a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1587.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-1587.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-1587","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"pcre2","Version":"10.40-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-1587","Description":"","Metadata":{},"Name":"CVE-2022-1587","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-1587", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "pcre2", + "NamespaceName": "chainguard:rolling", + "Version": "10.40-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "Metadata": {}, + "Name": "CVE-2022-1587", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23469.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23469.json index 6c3eb01e..6f586de4 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23469.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23469.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-23469","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"traefik","Version":"2.9.6-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-23469","Description":"","Metadata":{},"Name":"CVE-2022-23469","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-23469", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "traefik", + "NamespaceName": "chainguard:rolling", + "Version": "2.9.6-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-23469", + "Metadata": {}, + "Name": "CVE-2022-23469", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23521.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23521.json index 136a217a..33dec4aa 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23521.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-23521.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-23521","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"git","Version":"2.39.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-23521","Description":"","Metadata":{},"Name":"CVE-2022-23521","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-23521", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "chainguard:rolling", + "Version": "2.39.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-23521", + "Metadata": {}, + "Name": "CVE-2022-23521", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2509.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2509.json index 61ba17f5..0017b932 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2509.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2509.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-2509","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnutls","Version":"3.7.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-2509","Description":"","Metadata":{},"Name":"CVE-2022-2509","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-2509", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnutls", + "NamespaceName": "chainguard:rolling", + "Version": "3.7.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-2509", + "Metadata": {}, + "Name": "CVE-2022-2509", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-26691.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-26691.json index 70deb3c2..1fa297ad 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-26691.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-26691.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-26691","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"cups","Version":"2.4.2-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-26691","Description":"","Metadata":{},"Name":"CVE-2022-26691","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-26691", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "cups", + "NamespaceName": "chainguard:rolling", + "Version": "2.4.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-26691", + "Metadata": {}, + "Name": "CVE-2022-26691", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27404.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27404.json index ce5b15fc..f88e6eca 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27404.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27404.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-27404","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"freetype","Version":"2.12.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-27404","Description":"","Metadata":{},"Name":"CVE-2022-27404","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-27404", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "freetype", + "NamespaceName": "chainguard:rolling", + "Version": "2.12.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-27404", + "Metadata": {}, + "Name": "CVE-2022-27404", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27405.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27405.json index 96ff702e..8a205c4f 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27405.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27405.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-27405","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"freetype","Version":"2.12.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-27405","Description":"","Metadata":{},"Name":"CVE-2022-27405","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-27405", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "freetype", + "NamespaceName": "chainguard:rolling", + "Version": "2.12.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-27405", + "Metadata": {}, + "Name": "CVE-2022-27405", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27406.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27406.json index 53c732a6..02811c04 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27406.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-27406.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-27406","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"freetype","Version":"2.12.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-27406","Description":"","Metadata":{},"Name":"CVE-2022-27406","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-27406", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "freetype", + "NamespaceName": "chainguard:rolling", + "Version": "2.12.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-27406", + "Metadata": {}, + "Name": "CVE-2022-27406", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2795.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2795.json index 90a74f75..699fefde 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2795.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2795.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-2795","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-2795","Description":"","Metadata":{},"Name":"CVE-2022-2795","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-2795", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-2795", + "Metadata": {}, + "Name": "CVE-2022-2795", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28391.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28391.json index c38145df..907f04f5 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28391.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28391.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-28391","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"busybox","Version":"1.35.0-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-28391","Description":"","Metadata":{},"Name":"CVE-2022-28391","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-28391", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "busybox", + "NamespaceName": "chainguard:rolling", + "Version": "1.35.0-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "Metadata": {}, + "Name": "CVE-2022-28391", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28506.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28506.json index 233a805f..90682a68 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28506.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28506.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-28506","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"giflib","Version":"5.2.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-28506","Description":"","Metadata":{},"Name":"CVE-2022-28506","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-28506", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "giflib", + "NamespaceName": "chainguard:rolling", + "Version": "5.2.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-28506", + "Metadata": {}, + "Name": "CVE-2022-28506", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28805.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28805.json index b2c03f40..19aed0a0 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28805.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-28805.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-28805","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"lua5.4","Version":"5.4.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-28805","Description":"","Metadata":{},"Name":"CVE-2022-28805","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-28805", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "lua5.4", + "NamespaceName": "chainguard:rolling", + "Version": "5.4.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-28805", + "Metadata": {}, + "Name": "CVE-2022-28805", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2881.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2881.json index 38956c02..208296df 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2881.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2881.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-2881","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-2881","Description":"","Metadata":{},"Name":"CVE-2022-2881","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-2881", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-2881", + "Metadata": {}, + "Name": "CVE-2022-2881", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2906.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2906.json index 1e20eff3..887b13f5 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2906.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-2906.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-2906","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-2906","Description":"","Metadata":{},"Name":"CVE-2022-2906","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-2906", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-2906", + "Metadata": {}, + "Name": "CVE-2022-2906", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-29458.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-29458.json index aa58f5b0..8915866a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-29458.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-29458.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-29458","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"ncurses","Version":"6.3-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-29458","Description":"","Metadata":{},"Name":"CVE-2022-29458","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-29458", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "ncurses", + "NamespaceName": "chainguard:rolling", + "Version": "6.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "Metadata": {}, + "Name": "CVE-2022-29458", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-30065.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-30065.json index e6fb8347..308a182c 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-30065.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-30065.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-30065","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"busybox","Version":"1.35.0-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-30065","Description":"","Metadata":{},"Name":"CVE-2022-30065","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-30065", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "busybox", + "NamespaceName": "chainguard:rolling", + "Version": "1.35.0-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-30065", + "Metadata": {}, + "Name": "CVE-2022-30065", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3080.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3080.json index 064031ea..53c0e192 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3080.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3080.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3080","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3080","Description":"","Metadata":{},"Name":"CVE-2022-3080","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3080", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3080", + "Metadata": {}, + "Name": "CVE-2022-3080", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3094.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3094.json index 970a0d5c..4f6083e4 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3094.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3094.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3094","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.11-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3094","Description":"","Metadata":{},"Name":"CVE-2022-3094","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3094", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.11-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3094", + "Metadata": {}, + "Name": "CVE-2022-3094", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31107.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31107.json index fc48318b..ef7013c8 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31107.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31107.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-31107","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"grafana","Version":"7.5.19-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-31107","Description":"","Metadata":{},"Name":"CVE-2022-31107","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-31107", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "grafana", + "NamespaceName": "chainguard:rolling", + "Version": "7.5.19-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-31107", + "Metadata": {}, + "Name": "CVE-2022-31107", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31123.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31123.json index 43a196ff..3d76b452 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31123.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31123.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-31123","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"grafana","Version":"7.5.19-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-31123","Description":"","Metadata":{},"Name":"CVE-2022-31123","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-31123", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "grafana", + "NamespaceName": "chainguard:rolling", + "Version": "7.5.19-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-31123", + "Metadata": {}, + "Name": "CVE-2022-31123", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31130.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31130.json index 4ca6a00d..1a8ebdc1 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31130.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31130.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-31130","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"grafana","Version":"7.5.19-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-31130","Description":"","Metadata":{},"Name":"CVE-2022-31130","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-31130", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "grafana", + "NamespaceName": "chainguard:rolling", + "Version": "7.5.19-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-31130", + "Metadata": {}, + "Name": "CVE-2022-31130", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31630.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31630.json index 94d26c8c..ce94500a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31630.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-31630.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-31630","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"php","Version":"8.1.13-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-31630","Description":"","Metadata":{},"Name":"CVE-2022-31630","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-31630", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "php", + "NamespaceName": "chainguard:rolling", + "Version": "8.1.13-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-31630", + "Metadata": {}, + "Name": "CVE-2022-31630", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-32221.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-32221.json index ac03699c..eba70a0c 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-32221.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-32221.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-32221","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"curl","Version":"7.86.0-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-32221","Description":"","Metadata":{},"Name":"CVE-2022-32221","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-32221", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "curl", + "NamespaceName": "chainguard:rolling", + "Version": "7.86.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "Metadata": {}, + "Name": "CVE-2022-32221", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-33070.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-33070.json index 22865150..41e987dc 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-33070.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-33070.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-33070","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"protobuf-c","Version":"1.4.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-33070","Description":"","Metadata":{},"Name":"CVE-2022-33070","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-33070", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "protobuf-c", + "NamespaceName": "chainguard:rolling", + "Version": "1.4.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-33070", + "Metadata": {}, + "Name": "CVE-2022-33070", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3358.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3358.json index 28bc09ce..7844c169 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3358.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3358.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3358","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3358","Description":"","Metadata":{},"Name":"CVE-2022-3358","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3358", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3358", + "Metadata": {}, + "Name": "CVE-2022-3358", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-34903.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-34903.json index 7336ea0a..5ee8aa35 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-34903.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-34903.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-34903","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"gnupg","Version":"2.2.41-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-34903","Description":"","Metadata":{},"Name":"CVE-2022-34903","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-34903", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gnupg", + "NamespaceName": "chainguard:rolling", + "Version": "2.2.41-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-34903", + "Metadata": {}, + "Name": "CVE-2022-34903", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3515.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3515.json index 17dfa670..11cfec65 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3515.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3515.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3515","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libksba","Version":"1.6.3-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3515","Description":"","Metadata":{},"Name":"CVE-2022-3515","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3515", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libksba", + "NamespaceName": "chainguard:rolling", + "Version": "1.6.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3515", + "Metadata": {}, + "Name": "CVE-2022-3515", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-35977.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-35977.json index bdf2b858..49e3089a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-35977.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-35977.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-35977","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"redis","Version":"7.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-35977","Description":"","Metadata":{},"Name":"CVE-2022-35977","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-35977", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "redis", + "NamespaceName": "chainguard:rolling", + "Version": "7.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-35977", + "Metadata": {}, + "Name": "CVE-2022-35977", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3602.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3602.json index 76470e97..96269052 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3602.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3602.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3602","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3602","Description":"","Metadata":{},"Name":"CVE-2022-3602","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3602", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3602", + "Metadata": {}, + "Name": "CVE-2022-3602", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36021.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36021.json index badac8c6..12dffac4 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36021.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36021.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-36021","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"redis","Version":"7.0.9-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-36021","Description":"","Metadata":{},"Name":"CVE-2022-36021","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-36021", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "redis", + "NamespaceName": "chainguard:rolling", + "Version": "7.0.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-36021", + "Metadata": {}, + "Name": "CVE-2022-36021", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36227.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36227.json index fadfd439..ed58b3f9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36227.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-36227.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-36227","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libarchive","Version":"3.6.1-r2","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-36227","Description":"","Metadata":{},"Name":"CVE-2022-36227","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-36227", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libarchive", + "NamespaceName": "chainguard:rolling", + "Version": "3.6.1-r2", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-36227", + "Metadata": {}, + "Name": "CVE-2022-36227", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3647.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3647.json index a495982f..8a338cd9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3647.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3647.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3647","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"redis","Version":"7.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3647","Description":"","Metadata":{},"Name":"CVE-2022-3647","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3647", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "redis", + "NamespaceName": "chainguard:rolling", + "Version": "7.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3647", + "Metadata": {}, + "Name": "CVE-2022-3647", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3734.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3734.json index 2c0fa165..5be7398c 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3734.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3734.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3734","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"redis","Version":"7.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3734","Description":"","Metadata":{},"Name":"CVE-2022-3734","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3734", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "redis", + "NamespaceName": "chainguard:rolling", + "Version": "7.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3734", + "Metadata": {}, + "Name": "CVE-2022-3734", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3736.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3736.json index 30058f06..cdbfa6b2 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3736.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3736.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3736","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.11-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3736","Description":"","Metadata":{},"Name":"CVE-2022-3736","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3736", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.11-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3736", + "Metadata": {}, + "Name": "CVE-2022-3736", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-37434.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-37434.json index f1427d63..efe91616 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-37434.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-37434.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-37434","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"zlib","Version":"1.2.12-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-37434","Description":"","Metadata":{},"Name":"CVE-2022-37434","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-37434", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zlib", + "NamespaceName": "chainguard:rolling", + "Version": "1.2.12-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "Metadata": {}, + "Name": "CVE-2022-37434", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3786.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3786.json index 211a0111..2eb264c1 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3786.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3786.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3786","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3786","Description":"","Metadata":{},"Name":"CVE-2022-3786","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3786", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3786", + "Metadata": {}, + "Name": "CVE-2022-3786", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38126.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38126.json index 5777a1db..0fd16b70 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38126.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38126.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-38126","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"binutils","Version":"2.39-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38126","Description":"","Metadata":{},"Name":"CVE-2022-38126","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-38126", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "binutils", + "NamespaceName": "chainguard:rolling", + "Version": "2.39-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38126", + "Metadata": {}, + "Name": "CVE-2022-38126", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38128.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38128.json index 15c4073e..5822eada 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38128.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38128.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-38128","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"binutils","Version":"2.39-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38128","Description":"","Metadata":{},"Name":"CVE-2022-38128","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-38128", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "binutils", + "NamespaceName": "chainguard:rolling", + "Version": "2.39-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38128", + "Metadata": {}, + "Name": "CVE-2022-38128", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38177.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38177.json index ca488d13..1fb4e932 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38177.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38177.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-38177","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38177","Description":"","Metadata":{},"Name":"CVE-2022-38177","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-38177", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38177", + "Metadata": {}, + "Name": "CVE-2022-38177", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38178.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38178.json index d5559268..f3db695e 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38178.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38178.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-38178","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.10-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38178","Description":"","Metadata":{},"Name":"CVE-2022-38178","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-38178", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.10-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38178", + "Metadata": {}, + "Name": "CVE-2022-38178", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38533.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38533.json index 60fca368..8a1f32e7 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38533.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-38533.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-38533","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"binutils","Version":"2.39-r2","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38533","Description":"","Metadata":{},"Name":"CVE-2022-38533","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-38533", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "binutils", + "NamespaceName": "chainguard:rolling", + "Version": "2.39-r2", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38533", + "Metadata": {}, + "Name": "CVE-2022-38533", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39046.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39046.json index 000a307a..68c92303 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39046.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39046.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-39046","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"glibc","Version":"2.36-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39046","Description":"","Metadata":{},"Name":"CVE-2022-39046","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-39046", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "chainguard:rolling", + "Version": "2.36-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39046", + "Metadata": {}, + "Name": "CVE-2022-39046", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39201.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39201.json index 82e193d4..204d4ace 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39201.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39201.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-39201","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"grafana","Version":"7.5.19-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39201","Description":"","Metadata":{},"Name":"CVE-2022-39201","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-39201", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "grafana", + "NamespaceName": "chainguard:rolling", + "Version": "7.5.19-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39201", + "Metadata": {}, + "Name": "CVE-2022-39201", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3924.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3924.json index 2fc5144b..85345cee 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3924.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3924.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3924","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"bind","Version":"9.18.11-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3924","Description":"","Metadata":{},"Name":"CVE-2022-3924","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3924", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "bind", + "NamespaceName": "chainguard:rolling", + "Version": "9.18.11-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3924", + "Metadata": {}, + "Name": "CVE-2022-3924", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39253.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39253.json index 22d58f29..0477e6c7 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39253.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39253.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-39253","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"git","Version":"2.38.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39253","Description":"","Metadata":{},"Name":"CVE-2022-39253","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-39253", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "chainguard:rolling", + "Version": "2.38.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39253", + "Metadata": {}, + "Name": "CVE-2022-39253", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39260.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39260.json index 57459271..8ddb01a5 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39260.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39260.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-39260","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"git","Version":"2.38.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39260","Description":"","Metadata":{},"Name":"CVE-2022-39260","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-39260", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "chainguard:rolling", + "Version": "2.38.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39260", + "Metadata": {}, + "Name": "CVE-2022-39260", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39379.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39379.json index db17c0b1..874839e3 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39379.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-39379.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-39379","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"ruby3.2-fluentd14","Version":"1.14.6-r3","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39379","Description":"","Metadata":{},"Name":"CVE-2022-39379","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-39379", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "ruby3.2-fluentd14", + "NamespaceName": "chainguard:rolling", + "Version": "1.14.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39379", + "Metadata": {}, + "Name": "CVE-2022-39379", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3996.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3996.json index 2f142d28..3e3fe891 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3996.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-3996.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-3996","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.7-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3996","Description":"","Metadata":{},"Name":"CVE-2022-3996","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-3996", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.7-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3996", + "Metadata": {}, + "Name": "CVE-2022-3996", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40303.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40303.json index 35f76511..93b00ba1 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40303.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40303.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-40303","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libxml2","Version":"2.10.3-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-40303","Description":"","Metadata":{},"Name":"CVE-2022-40303","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-40303", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libxml2", + "NamespaceName": "chainguard:rolling", + "Version": "2.10.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-40303", + "Metadata": {}, + "Name": "CVE-2022-40303", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40304.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40304.json index 662db2c7..6d83b733 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40304.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40304.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-40304","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libxml2","Version":"2.10.3-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-40304","Description":"","Metadata":{},"Name":"CVE-2022-40304","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-40304", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libxml2", + "NamespaceName": "chainguard:rolling", + "Version": "2.10.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-40304", + "Metadata": {}, + "Name": "CVE-2022-40304", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40674.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40674.json index 03cbfd37..4fea7db7 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40674.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40674.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-40674","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"expat","Version":"2.4.9-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-40674","Description":"","Metadata":{},"Name":"CVE-2022-40674","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-40674", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "expat", + "NamespaceName": "chainguard:rolling", + "Version": "2.4.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-40674", + "Metadata": {}, + "Name": "CVE-2022-40674", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40716.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40716.json index 11a0ddfb..68bc5be9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40716.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-40716.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-40716","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"traefik","Version":"2.9.8-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-40716","Description":"","Metadata":{},"Name":"CVE-2022-40716","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-40716", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "traefik", + "NamespaceName": "chainguard:rolling", + "Version": "2.9.8-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-40716", + "Metadata": {}, + "Name": "CVE-2022-40716", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41716.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41716.json index 7639420c..e734a717 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41716.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41716.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-41716","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"go-1.19","Version":"1.19.3-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41716","Description":"","Metadata":{},"Name":"CVE-2022-41716","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-41716", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go-1.19", + "NamespaceName": "chainguard:rolling", + "Version": "1.19.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41716", + "Metadata": {}, + "Name": "CVE-2022-41716", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41717.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41717.json index a0c66edf..368ca998 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41717.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41717.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-41717","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"go-1.19","Version":"1.19.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41717","Description":"","Metadata":{},"Name":"CVE-2022-41717","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-41717", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go-1.19", + "NamespaceName": "chainguard:rolling", + "Version": "1.19.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "Metadata": {}, + "Name": "CVE-2022-41717", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41720.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41720.json index 48c69717..f8e05b25 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41720.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41720.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-41720","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"go-1.19","Version":"1.19.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41720","Description":"","Metadata":{},"Name":"CVE-2022-41720","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-41720", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go-1.19", + "NamespaceName": "chainguard:rolling", + "Version": "1.19.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41720", + "Metadata": {}, + "Name": "CVE-2022-41720", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41723.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41723.json index e171becd..cd62b76f 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41723.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41723.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-41723","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"go-1.19","Version":"1.19.6-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"go-1.20","Version":"1.20.1-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41723","Description":"","Metadata":{},"Name":"CVE-2022-41723","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-41723", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go-1.19", + "NamespaceName": "chainguard:rolling", + "Version": "1.19.6-r1", + "VersionFormat": "apk" + }, + { + "Name": "go-1.20", + "NamespaceName": "chainguard:rolling", + "Version": "1.20.1-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41723", + "Metadata": {}, + "Name": "CVE-2022-41723", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41862.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41862.json index 88b4ec6a..43f5d464 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41862.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41862.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-41862","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"postgresql-15","Version":"15.2-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41862","Description":"","Metadata":{},"Name":"CVE-2022-41862","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-41862", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "postgresql-15", + "NamespaceName": "chainguard:rolling", + "Version": "15.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41862", + "Metadata": {}, + "Name": "CVE-2022-41862", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41903.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41903.json index b66a9daf..37e49bab 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41903.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-41903.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-41903","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"git","Version":"2.39.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41903","Description":"","Metadata":{},"Name":"CVE-2022-41903","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-41903", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "chainguard:rolling", + "Version": "2.39.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41903", + "Metadata": {}, + "Name": "CVE-2022-41903", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42010.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42010.json index 8fc02318..66b9ca81 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42010.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42010.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-42010","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"dbus","Version":"1.14.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42010","Description":"","Metadata":{},"Name":"CVE-2022-42010","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-42010", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "dbus", + "NamespaceName": "chainguard:rolling", + "Version": "1.14.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42010", + "Metadata": {}, + "Name": "CVE-2022-42010", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42011.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42011.json index 1c1a56a9..df77da8e 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42011.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42011.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-42011","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"dbus","Version":"1.14.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42011","Description":"","Metadata":{},"Name":"CVE-2022-42011","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-42011", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "dbus", + "NamespaceName": "chainguard:rolling", + "Version": "1.14.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42011", + "Metadata": {}, + "Name": "CVE-2022-42011", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42012.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42012.json index ef53e721..9fe9c695 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42012.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42012.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-42012","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"dbus","Version":"1.14.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42012","Description":"","Metadata":{},"Name":"CVE-2022-42012","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-42012", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "dbus", + "NamespaceName": "chainguard:rolling", + "Version": "1.14.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42012", + "Metadata": {}, + "Name": "CVE-2022-42012", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4203.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4203.json index 7a51a46d..24f2a714 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4203.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4203.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-4203","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-4203","Description":"","Metadata":{},"Name":"CVE-2022-4203","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-4203", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-4203", + "Metadata": {}, + "Name": "CVE-2022-4203", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42916.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42916.json index b83574d6..077ed200 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42916.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-42916.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-42916","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"curl","Version":"7.86.0-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42916","Description":"","Metadata":{},"Name":"CVE-2022-42916","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-42916", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "curl", + "NamespaceName": "chainguard:rolling", + "Version": "7.86.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42916", + "Metadata": {}, + "Name": "CVE-2022-42916", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4304.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4304.json index 4a99dd36..48c57ab9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4304.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4304.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-4304","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-4304","Description":"","Metadata":{},"Name":"CVE-2022-4304","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-4304", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-4304", + "Metadata": {}, + "Name": "CVE-2022-4304", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43551.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43551.json index 21402088..80e71041 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43551.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43551.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-43551","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"curl","Version":"7.87.0-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-43551","Description":"","Metadata":{},"Name":"CVE-2022-43551","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-43551", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "curl", + "NamespaceName": "chainguard:rolling", + "Version": "7.87.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-43551", + "Metadata": {}, + "Name": "CVE-2022-43551", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43552.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43552.json index 09deeb14..03833602 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43552.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43552.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-43552","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"curl","Version":"7.87.0-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-43552","Description":"","Metadata":{},"Name":"CVE-2022-43552","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-43552", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "curl", + "NamespaceName": "chainguard:rolling", + "Version": "7.87.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-43552", + "Metadata": {}, + "Name": "CVE-2022-43552", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43680.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43680.json index 2eaf4708..55ed0dce 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43680.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-43680.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-43680","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"expat","Version":"2.5.0-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-43680","Description":"","Metadata":{},"Name":"CVE-2022-43680","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-43680", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "expat", + "NamespaceName": "chainguard:rolling", + "Version": "2.5.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-43680", + "Metadata": {}, + "Name": "CVE-2022-43680", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4450.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4450.json index 7812bbf5..9e95e927 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4450.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-4450.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-4450","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-4450","Description":"","Metadata":{},"Name":"CVE-2022-4450","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-4450", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-4450", + "Metadata": {}, + "Name": "CVE-2022-4450", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-44617.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-44617.json index f1949485..38729e1b 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-44617.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-44617.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-44617","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libxpm","Version":"3.5.15-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-44617","Description":"","Metadata":{},"Name":"CVE-2022-44617","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-44617", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libxpm", + "NamespaceName": "chainguard:rolling", + "Version": "3.5.15-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-44617", + "Metadata": {}, + "Name": "CVE-2022-44617", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-45142.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-45142.json index c4b27bfa..4bca7bb5 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-45142.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-45142.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-45142","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"heimdal","Version":"7.8.0-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-45142","Description":"","Metadata":{},"Name":"CVE-2022-45142","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-45142", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "heimdal", + "NamespaceName": "chainguard:rolling", + "Version": "7.8.0-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-45142", + "Metadata": {}, + "Name": "CVE-2022-45142", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46153.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46153.json index 2a706cfd..944648ab 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46153.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46153.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-46153","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"traefik","Version":"2.9.6-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-46153","Description":"","Metadata":{},"Name":"CVE-2022-46153","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-46153", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "traefik", + "NamespaceName": "chainguard:rolling", + "Version": "2.9.6-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-46153", + "Metadata": {}, + "Name": "CVE-2022-46153", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46908.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46908.json index af28894c..6931ed0b 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46908.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-46908.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-46908","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"sqlite","Version":"3.40.0-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-46908","Description":"","Metadata":{},"Name":"CVE-2022-46908","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-46908", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "sqlite", + "NamespaceName": "chainguard:rolling", + "Version": "3.40.0-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-46908", + "Metadata": {}, + "Name": "CVE-2022-46908", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47015.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47015.json index 137deda3..7de7dff2 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47015.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47015.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-47015","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"mariadb-10.11","Version":"10.6.12-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"mariadb-10.6","Version":"10.6.12-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-47015","Description":"","Metadata":{},"Name":"CVE-2022-47015","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-47015", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "mariadb-10.11", + "NamespaceName": "chainguard:rolling", + "Version": "10.6.12-r1", + "VersionFormat": "apk" + }, + { + "Name": "mariadb-10.6", + "NamespaceName": "chainguard:rolling", + "Version": "10.6.12-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-47015", + "Metadata": {}, + "Name": "CVE-2022-47015", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47629.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47629.json index f3e3ff3a..694d9798 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47629.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2022-47629.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2022-47629","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"libksba","Version":"1.6.3-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-47629","Description":"","Metadata":{},"Name":"CVE-2022-47629","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2022-47629", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libksba", + "NamespaceName": "chainguard:rolling", + "Version": "1.6.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-47629", + "Metadata": {}, + "Name": "CVE-2022-47629", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0215.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0215.json index acedd4db..d449d8d1 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0215.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0215.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-0215","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-0215","Description":"","Metadata":{},"Name":"CVE-2023-0215","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-0215", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-0215", + "Metadata": {}, + "Name": "CVE-2023-0215", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0216.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0216.json index 7e0fd4ad..ce77b889 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0216.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0216.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-0216","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-0216","Description":"","Metadata":{},"Name":"CVE-2023-0216","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-0216", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-0216", + "Metadata": {}, + "Name": "CVE-2023-0216", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0217.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0217.json index 88bccd4f..2764b034 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0217.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0217.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-0217","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-0217","Description":"","Metadata":{},"Name":"CVE-2023-0217","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-0217", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-0217", + "Metadata": {}, + "Name": "CVE-2023-0217", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0286.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0286.json index 1cd7716c..39fe5796 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0286.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0286.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-0286","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-0286","Description":"","Metadata":{},"Name":"CVE-2023-0286","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-0286", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-0286", + "Metadata": {}, + "Name": "CVE-2023-0286", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0401.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0401.json index 5f94bdf4..537e3964 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0401.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0401.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-0401","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-0401","Description":"","Metadata":{},"Name":"CVE-2023-0401","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-0401", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-0401", + "Metadata": {}, + "Name": "CVE-2023-0401", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0464.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0464.json index d70a0918..51248d44 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0464.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-0464.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-0464","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssl","Version":"3.1.0-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-0464","Description":"","Metadata":{},"Name":"CVE-2023-0464","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-0464", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "chainguard:rolling", + "Version": "3.1.0-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-0464", + "Metadata": {}, + "Name": "CVE-2023-0464", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1127.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1127.json index af8abd44..087cf2c7 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1127.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1127.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-1127","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"vim","Version":"9.0.1378-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-1127","Description":"","Metadata":{},"Name":"CVE-2023-1127","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-1127", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "vim", + "NamespaceName": "chainguard:rolling", + "Version": "9.0.1378-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-1127", + "Metadata": {}, + "Name": "CVE-2023-1127", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1175.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1175.json index f507f1d2..fcce41c9 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1175.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1175.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-1175","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"vim","Version":"9.0.1378-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-1175","Description":"","Metadata":{},"Name":"CVE-2023-1175","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-1175", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "vim", + "NamespaceName": "chainguard:rolling", + "Version": "9.0.1378-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-1175", + "Metadata": {}, + "Name": "CVE-2023-1175", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1264.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1264.json index 553ecab5..49fd66f2 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1264.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1264.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-1264","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"vim","Version":"9.0.1392-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-1264","Description":"","Metadata":{},"Name":"CVE-2023-1264","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-1264", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "vim", + "NamespaceName": "chainguard:rolling", + "Version": "9.0.1392-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-1264", + "Metadata": {}, + "Name": "CVE-2023-1264", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1355.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1355.json index ea4e2e50..b56c41cf 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1355.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-1355.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-1355","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"vim","Version":"9.0.1402-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-1355","Description":"","Metadata":{},"Name":"CVE-2023-1355","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-1355", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "vim", + "NamespaceName": "chainguard:rolling", + "Version": "9.0.1402-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-1355", + "Metadata": {}, + "Name": "CVE-2023-1355", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22458.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22458.json index fd7a3259..bc9d1ac8 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22458.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22458.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-22458","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"redis","Version":"7.0.8-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-22458","Description":"","Metadata":{},"Name":"CVE-2023-22458","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-22458", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "redis", + "NamespaceName": "chainguard:rolling", + "Version": "7.0.8-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-22458", + "Metadata": {}, + "Name": "CVE-2023-22458", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22490.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22490.json index 120c6e7e..68db19b6 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22490.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22490.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-22490","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"git","Version":"2.39.2-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-22490","Description":"","Metadata":{},"Name":"CVE-2023-22490","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-22490", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "chainguard:rolling", + "Version": "2.39.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-22490", + "Metadata": {}, + "Name": "CVE-2023-22490", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22499.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22499.json index 1386441f..570da36f 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22499.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22499.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-22499","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"deno","Version":"1.30.0-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-22499","Description":"","Metadata":{},"Name":"CVE-2023-22499","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-22499", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "deno", + "NamespaceName": "chainguard:rolling", + "Version": "1.30.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-22499", + "Metadata": {}, + "Name": "CVE-2023-22499", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22743.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22743.json index d09922d2..b7f8144a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22743.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-22743.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-22743","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"git","Version":"0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-22743","Description":"","Metadata":{},"Name":"CVE-2023-22743","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-22743", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "chainguard:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-22743", + "Metadata": {}, + "Name": "CVE-2023-22743", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-23946.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-23946.json index 2fcfb866..0b6d6b98 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-23946.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-23946.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-23946","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"git","Version":"2.39.2-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-23946","Description":"","Metadata":{},"Name":"CVE-2023-23946","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-23946", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "chainguard:rolling", + "Version": "2.39.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-23946", + "Metadata": {}, + "Name": "CVE-2023-23946", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24056.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24056.json index 0252c989..fcbee5f0 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24056.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24056.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-24056","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"pkgconf","Version":"1.9.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-24056","Description":"","Metadata":{},"Name":"CVE-2023-24056","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-24056", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "pkgconf", + "NamespaceName": "chainguard:rolling", + "Version": "1.9.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-24056", + "Metadata": {}, + "Name": "CVE-2023-24056", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24532.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24532.json index a4789d95..bec6bbcc 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24532.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24532.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-24532","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"go-1.19","Version":"1.19.7-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"},{"Name":"go-1.20","Version":"1.20.2-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-24532","Description":"","Metadata":{},"Name":"CVE-2023-24532","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-24532", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go-1.19", + "NamespaceName": "chainguard:rolling", + "Version": "1.19.7-r0", + "VersionFormat": "apk" + }, + { + "Name": "go-1.20", + "NamespaceName": "chainguard:rolling", + "Version": "1.20.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-24532", + "Metadata": {}, + "Name": "CVE-2023-24532", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24999.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24999.json index 72fb814c..188441bd 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24999.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-24999.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-24999","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"vault","Version":"1.12.4-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-24999","Description":"","Metadata":{},"Name":"CVE-2023-24999","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-24999", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "vault", + "NamespaceName": "chainguard:rolling", + "Version": "1.12.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-24999", + "Metadata": {}, + "Name": "CVE-2023-24999", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25136.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25136.json index cb5bfb10..53df7d03 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25136.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25136.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-25136","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"openssh","Version":"9.2_p1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-25136","Description":"","Metadata":{},"Name":"CVE-2023-25136","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-25136", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssh", + "NamespaceName": "chainguard:rolling", + "Version": "9.2_p1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-25136", + "Metadata": {}, + "Name": "CVE-2023-25136", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25139.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25139.json index 79a0e730..9050ee40 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25139.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25139.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-25139","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"glibc","Version":"2.37-r1","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-25139","Description":"","Metadata":{},"Name":"CVE-2023-25139","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-25139", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "chainguard:rolling", + "Version": "2.37-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-25139", + "Metadata": {}, + "Name": "CVE-2023-25139", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25155.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25155.json index 648e2757..69d9b25b 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25155.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25155.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-25155","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"redis","Version":"7.0.9-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-25155","Description":"","Metadata":{},"Name":"CVE-2023-25155","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-25155", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "redis", + "NamespaceName": "chainguard:rolling", + "Version": "7.0.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-25155", + "Metadata": {}, + "Name": "CVE-2023-25155", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25165.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25165.json index 4324b82c..3c7006a1 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25165.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25165.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-25165","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"helm","Version":"3.11.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-25165","Description":"","Metadata":{},"Name":"CVE-2023-25165","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-25165", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "helm", + "NamespaceName": "chainguard:rolling", + "Version": "3.11.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-25165", + "Metadata": {}, + "Name": "CVE-2023-25165", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25725.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25725.json index 6570d60e..2b90cf07 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25725.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-25725.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-25725","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"haproxy","Version":"2.6.9-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-25725","Description":"","Metadata":{},"Name":"CVE-2023-25725","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-25725", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "haproxy", + "NamespaceName": "chainguard:rolling", + "Version": "2.6.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-25725", + "Metadata": {}, + "Name": "CVE-2023-25725", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-26489.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-26489.json index 99a099a9..9c47017a 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-26489.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-26489.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-26489","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"wasmtime","Version":"6.0.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-26489","Description":"","Metadata":{},"Name":"CVE-2023-26489","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-26489", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "wasmtime", + "NamespaceName": "chainguard:rolling", + "Version": "6.0.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-26489", + "Metadata": {}, + "Name": "CVE-2023-26489", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27477.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27477.json index 259f65b5..1b6c119c 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27477.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27477.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-27477","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"wasmtime","Version":"6.0.1-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-27477","Description":"","Metadata":{},"Name":"CVE-2023-27477","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-27477", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "wasmtime", + "NamespaceName": "chainguard:rolling", + "Version": "6.0.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-27477", + "Metadata": {}, + "Name": "CVE-2023-27477", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27898.json b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27898.json index b14622ed..7017d743 100644 --- a/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27898.json +++ b/tests/unit/providers/chainguard/test-fixtures/snapshots/chainguard:rolling/CVE-2023-27898.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"chainguard:rolling/CVE-2023-27898","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"chainguard:rolling","FixedIn":[{"Name":"jenkins","Version":"2.394-r0","VersionFormat":"apk","NamespaceName":"chainguard:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-27898","Description":"","Metadata":{},"Name":"CVE-2023-27898","CVSS":[]}}} +{ + "identifier": "chainguard:rolling/CVE-2023-27898", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "jenkins", + "NamespaceName": "chainguard:rolling", + "Version": "2.394-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-27898", + "Metadata": {}, + "Name": "CVE-2023-27898", + "NamespaceName": "chainguard:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2005-3111.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2005-3111.json index 6c01756a..2d060673 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2005-3111.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2005-3111.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:10/cve-2005-3111","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"debian:10","FixedIn":[{"Name":"backupninja","NamespaceName":"debian:10","VersionFormat":"dpkg","Version":"0.8-2","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2005-3111","Description":"The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.","Metadata":{},"Name":"CVE-2005-3111","CVSS":[]}}} +{ + "identifier": "debian:10/cve-2005-3111", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.", + "FixedIn": [ + { + "Name": "backupninja", + "NamespaceName": "debian:10", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0.8-2", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2005-3111", + "Metadata": {}, + "Name": "CVE-2005-3111", + "NamespaceName": "debian:10", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2007-2383.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2007-2383.json index 4ddb8007..6a05da55 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2007-2383.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2007-2383.json @@ -1 +1,16 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:10/cve-2007-2383","item":{"Vulnerability":{"Severity":"Negligible","NamespaceName":"debian:10","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2007-2383","Description":"The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"","Metadata":{},"Name":"CVE-2007-2383","CVSS":[]}}} +{ + "identifier": "debian:10/cve-2007-2383", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2007-2383", + "Metadata": {}, + "Name": "CVE-2007-2383", + "NamespaceName": "debian:10", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2008-7220.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2008-7220.json index 97cf64de..cecd5ac1 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2008-7220.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2008-7220.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:10/cve-2008-7220","item":{"Vulnerability":{"Severity":"High","NamespaceName":"debian:10","FixedIn":[{"Name":"prototypejs","NamespaceName":"debian:10","VersionFormat":"dpkg","Version":"1.6.0.2-1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2008-7220","Description":"Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.","Metadata":{},"Name":"CVE-2008-7220","CVSS":[]}}} +{ + "identifier": "debian:10/cve-2008-7220", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.", + "FixedIn": [ + { + "Name": "prototypejs", + "NamespaceName": "debian:10", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.6.0.2-1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2008-7220", + "Metadata": {}, + "Name": "CVE-2008-7220", + "NamespaceName": "debian:10", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2012-0833.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2012-0833.json index 218ae087..30e8e3fe 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2012-0833.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2012-0833.json @@ -1 +1,16 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:10/cve-2012-0833","item":{"Vulnerability":{"Severity":"Negligible","NamespaceName":"debian:10","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2012-0833","Description":"The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.","Metadata":{},"Name":"CVE-2012-0833","CVSS":[]}}} +{ + "identifier": "debian:10/cve-2012-0833", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2012-0833", + "Metadata": {}, + "Name": "CVE-2012-0833", + "NamespaceName": "debian:10", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2013-1444.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2013-1444.json index 2e07c5f0..9390652a 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2013-1444.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2013-1444.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:10/cve-2013-1444","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"debian:10","FixedIn":[{"Name":"txt2man","NamespaceName":"debian:10","VersionFormat":"dpkg","Version":"1.5.5-4.1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2013-1444","Description":"A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.","Metadata":{},"Name":"CVE-2013-1444","CVSS":[]}}} +{ + "identifier": "debian:10/cve-2013-1444", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.", + "FixedIn": [ + { + "Name": "txt2man", + "NamespaceName": "debian:10", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.5.5-4.1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2013-1444", + "Metadata": {}, + "Name": "CVE-2013-1444", + "NamespaceName": "debian:10", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2022-0456.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2022-0456.json index 5869c61c..decd9cf8 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2022-0456.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:10/cve-2022-0456.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:10/cve-2022-0456","item":{"Vulnerability":{"Severity":"Negligible","NamespaceName":"debian:10","FixedIn":[{"Name":"chromium","NamespaceName":"debian:10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2022-0456","Description":"","Metadata":{},"Name":"CVE-2022-0456","CVSS":[]}}} +{ + "identifier": "debian:10/cve-2022-0456", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "chromium", + "NamespaceName": "debian:10", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2022-0456", + "Metadata": {}, + "Name": "CVE-2022-0456", + "NamespaceName": "debian:10", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:11/cve-2022-0456.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:11/cve-2022-0456.json index 6f54bf15..e699b05b 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:11/cve-2022-0456.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:11/cve-2022-0456.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:11/cve-2022-0456","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"debian:11","FixedIn":[{"Name":"chromium","NamespaceName":"debian:11","VersionFormat":"dpkg","Version":"98.0.4758.80-1~deb11u1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2022-0456","Description":"","Metadata":{},"Name":"CVE-2022-0456","CVSS":[]}}} +{ + "identifier": "debian:11/cve-2022-0456", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "chromium", + "NamespaceName": "debian:11", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "98.0.4758.80-1~deb11u1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2022-0456", + "Metadata": {}, + "Name": "CVE-2022-0456", + "NamespaceName": "debian:11", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:12/cve-2022-0456.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:12/cve-2022-0456.json index 150ab800..4b0eb7b2 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:12/cve-2022-0456.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:12/cve-2022-0456.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:12/cve-2022-0456","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"debian:12","FixedIn":[{"Name":"chromium","NamespaceName":"debian:12","VersionFormat":"dpkg","Version":"98.0.4758.80-1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2022-0456","Description":"","Metadata":{},"Name":"CVE-2022-0456","CVSS":[]}}} +{ + "identifier": "debian:12/cve-2022-0456", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "chromium", + "NamespaceName": "debian:12", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "98.0.4758.80-1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2022-0456", + "Metadata": {}, + "Name": "CVE-2022-0456", + "NamespaceName": "debian:12", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2004-1653.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2004-1653.json index 0e5c9ae5..d0403978 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2004-1653.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2004-1653.json @@ -1 +1,21 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2004-1653","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2004-1653","Metadata":{"NVD":{"CVSSv2":{"Score":6.4}}},"Name":"CVE-2004-1653","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2004-1653", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2004-1653", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 6.4 + } + } + }, + "Name": "CVE-2004-1653", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2005-3330.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2005-3330.json index 5d0c5001..a4b5c969 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2005-3330.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2005-3330.json @@ -1 +1,21 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2005-3330","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2005-3330","Metadata":{"NVD":{"CVSSv2":{"Score":7.5}}},"Name":"CVE-2005-3330","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2005-3330", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2005-3330", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 7.5 + } + } + }, + "Name": "CVE-2005-3330", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2007-3072.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2007-3072.json index 16e40d91..4098efd8 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2007-3072.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2007-3072.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2007-3072","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2007-3072","Metadata":{"NVD":{"CVSSv2":{"Score":7.1,"Vectors":"AV:N/AC:M/Au:N/C:C/I:N"}}},"Name":"CVE-2007-3072","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2007-3072", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2007-3072", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 7.1, + "Vectors": "AV:N/AC:M/Au:N/C:C/I:N" + } + } + }, + "Name": "CVE-2007-3072", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2011-1758.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2011-1758.json index 79e629bf..60615619 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2011-1758.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2011-1758.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2011-1758","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2011-1758","Metadata":{"NVD":{"CVSSv2":{"Score":3.7,"Vectors":"AV:L/AC:H/Au:N/C:P/I:P"}}},"Name":"CVE-2011-1758","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2011-1758", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2011-1758", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 3.7, + "Vectors": "AV:L/AC:H/Au:N/C:P/I:P" + } + } + }, + "Name": "CVE-2011-1758", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-2188.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-2188.json index be27d9d7..b809ca69 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-2188.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-2188.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2013-2188","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2013-2188","Metadata":{"NVD":{"CVSSv2":{"Score":4.7,"Vectors":"AV:L/AC:M/Au:N/C:N/I:N"}}},"Name":"CVE-2013-2188","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2013-2188", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2013-2188", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 4.7, + "Vectors": "AV:L/AC:M/Au:N/C:N/I:N" + } + } + }, + "Name": "CVE-2013-2188", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7171.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7171.json index 91757705..59ee9000 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7171.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7171.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2013-7171","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2013-7171","Metadata":{},"Name":"CVE-2013-7171","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2013-7171", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2013-7171", + "Metadata": {}, + "Name": "CVE-2013-7171", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7353.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7353.json index b7950d1c..fecfbf04 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7353.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2013-7353.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2013-7353","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2013-7353","Metadata":{"NVD":{"CVSSv2":{"Score":5,"Vectors":"AV:N/AC:L/Au:N/C:N/I:N"}}},"Name":"CVE-2013-7353","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2013-7353", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2013-7353", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 5, + "Vectors": "AV:N/AC:L/Au:N/C:N/I:N" + } + } + }, + "Name": "CVE-2013-7353", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2014-3230.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2014-3230.json index 1d88b427..1874b9e9 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2014-3230.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2014-3230.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2014-3230","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2014-3230","Metadata":{},"Name":"CVE-2014-3230","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2014-3230", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2014-3230", + "Metadata": {}, + "Name": "CVE-2014-3230", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4170.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4170.json index 53345d6e..e9178e23 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4170.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4170.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2015-4170","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2015-4170","Metadata":{"NVD":{"CVSSv2":{"Score":4.7,"Vectors":"AV:L/AC:M/Au:N/C:N/I:N"}}},"Name":"CVE-2015-4170","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2015-4170", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2015-4170", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 4.7, + "Vectors": "AV:L/AC:M/Au:N/C:N/I:N" + } + } + }, + "Name": "CVE-2015-4170", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4176.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4176.json index 71a92ae6..b5c39d51 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4176.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4176.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2015-4176","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2015-4176","Metadata":{"NVD":{"CVSSv2":{"Score":2.1,"Vectors":"AV:L/AC:L/Au:N/C:N/I:P"}}},"Name":"CVE-2015-4176","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2015-4176", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2015-4176", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 2.1, + "Vectors": "AV:L/AC:L/Au:N/C:N/I:P" + } + } + }, + "Name": "CVE-2015-4176", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4177.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4177.json index 37576b58..c12aec88 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4177.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2015-4177.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2015-4177","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2015-4177","Metadata":{"NVD":{"CVSSv2":{"Score":4.9,"Vectors":"AV:L/AC:L/Au:N/C:N/I:N"}}},"Name":"CVE-2015-4177","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2015-4177", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2015-4177", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 4.9, + "Vectors": "AV:L/AC:L/Au:N/C:N/I:N" + } + } + }, + "Name": "CVE-2015-4177", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-4450.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-4450.json index 71d82508..c083fc8c 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-4450.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-4450.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2016-4450","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2016-4450","Metadata":{"NVD":{"CVSSv2":{"Score":5,"Vectors":"AV:N/AC:L/Au:N/C:N/I:N"}}},"Name":"CVE-2016-4450","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2016-4450", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2016-4450", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 5, + "Vectors": "AV:N/AC:L/Au:N/C:N/I:N" + } + } + }, + "Name": "CVE-2016-4450", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5105.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5105.json index 32bc1adc..6fdcd4cb 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5105.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5105.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2016-5105","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2016-5105","Metadata":{"NVD":{"CVSSv2":{"Score":1.9,"Vectors":"AV:L/AC:M/Au:N/C:P/I:N"}}},"Name":"CVE-2016-5105","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2016-5105", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2016-5105", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 1.9, + "Vectors": "AV:L/AC:M/Au:N/C:P/I:N" + } + } + }, + "Name": "CVE-2016-5105", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5106.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5106.json index a31f2c96..d0f88006 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5106.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5106.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2016-5106","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2016-5106","Metadata":{"NVD":{"CVSSv2":{"Score":1.5,"Vectors":"AV:L/AC:M/Au:S/C:N/I:N"}}},"Name":"CVE-2016-5106","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2016-5106", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2016-5106", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 1.5, + "Vectors": "AV:L/AC:M/Au:S/C:N/I:N" + } + } + }, + "Name": "CVE-2016-5106", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5107.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5107.json index 0c1a69cf..c546cac9 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5107.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-5107.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2016-5107","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2016-5107","Metadata":{"NVD":{"CVSSv2":{"Score":1.5,"Vectors":"AV:L/AC:M/Au:S/C:N/I:N"}}},"Name":"CVE-2016-5107","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2016-5107", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2016-5107", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 1.5, + "Vectors": "AV:L/AC:M/Au:S/C:N/I:N" + } + } + }, + "Name": "CVE-2016-5107", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9812.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9812.json index 9e0e2c71..51b486e0 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9812.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9812.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2016-9812","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2016-9812","Metadata":{"NVD":{"CVSSv2":{"Score":5,"Vectors":"AV:N/AC:L/Au:N/C:N/I:N"}}},"Name":"CVE-2016-9812","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2016-9812", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2016-9812", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 5, + "Vectors": "AV:N/AC:L/Au:N/C:N/I:N" + } + } + }, + "Name": "CVE-2016-9812", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9816.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9816.json index 3f53df35..d1f84317 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9816.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:7/cve-2016-9816.json @@ -1 +1,22 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:7/cve-2016-9816","item":{"Vulnerability":{"Description":"","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2016-9816","Metadata":{"NVD":{"CVSSv2":{"Score":4.9,"Vectors":"AV:L/AC:L/Au:N/C:N/I:N"}}},"Name":"CVE-2016-9816","NamespaceName":"debian:7","Severity":"Negligible"}}} +{ + "identifier": "debian:7/cve-2016-9816", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2016-9816", + "Metadata": { + "NVD": { + "CVSSv2": { + "Score": 4.9, + "Vectors": "AV:L/AC:L/Au:N/C:N/I:N" + } + } + }, + "Name": "CVE-2016-9816", + "NamespaceName": "debian:7", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2005-3111.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2005-3111.json index 0f13457a..4f107522 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2005-3111.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2005-3111.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:8/cve-2005-3111","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"debian:8","FixedIn":[{"Name":"backupninja","NamespaceName":"debian:8","VersionFormat":"dpkg","Version":"0.8-2","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2005-3111","Description":"The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.","Metadata":{},"Name":"CVE-2005-3111","CVSS":[]}}} +{ + "identifier": "debian:8/cve-2005-3111", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.", + "FixedIn": [ + { + "Name": "backupninja", + "NamespaceName": "debian:8", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0.8-2", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2005-3111", + "Metadata": {}, + "Name": "CVE-2005-3111", + "NamespaceName": "debian:8", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2007-2383.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2007-2383.json index 30adc35b..40dd92a6 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2007-2383.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2007-2383.json @@ -1 +1,16 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:8/cve-2007-2383","item":{"Vulnerability":{"Severity":"Negligible","NamespaceName":"debian:8","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2007-2383","Description":"The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"","Metadata":{},"Name":"CVE-2007-2383","CVSS":[]}}} +{ + "identifier": "debian:8/cve-2007-2383", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2007-2383", + "Metadata": {}, + "Name": "CVE-2007-2383", + "NamespaceName": "debian:8", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2008-7220.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2008-7220.json index 96f046ca..d1ed248f 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2008-7220.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2008-7220.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:8/cve-2008-7220","item":{"Vulnerability":{"Severity":"High","NamespaceName":"debian:8","FixedIn":[{"Name":"prototypejs","NamespaceName":"debian:8","VersionFormat":"dpkg","Version":"1.6.0.2-1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2008-7220","Description":"Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.","Metadata":{},"Name":"CVE-2008-7220","CVSS":[]}}} +{ + "identifier": "debian:8/cve-2008-7220", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.", + "FixedIn": [ + { + "Name": "prototypejs", + "NamespaceName": "debian:8", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.6.0.2-1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2008-7220", + "Metadata": {}, + "Name": "CVE-2008-7220", + "NamespaceName": "debian:8", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2013-1444.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2013-1444.json index 1b2cc2ff..e57d9dcf 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2013-1444.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:8/cve-2013-1444.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:8/cve-2013-1444","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"debian:8","FixedIn":[{"Name":"txt2man","NamespaceName":"debian:8","VersionFormat":"dpkg","Version":"1.5.5-4.1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2013-1444","Description":"A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.","Metadata":{},"Name":"CVE-2013-1444","CVSS":[]}}} +{ + "identifier": "debian:8/cve-2013-1444", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.", + "FixedIn": [ + { + "Name": "txt2man", + "NamespaceName": "debian:8", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.5.5-4.1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2013-1444", + "Metadata": {}, + "Name": "CVE-2013-1444", + "NamespaceName": "debian:8", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2005-3111.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2005-3111.json index 9f92e6d0..e2cf5876 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2005-3111.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2005-3111.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:9/cve-2005-3111","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"debian:9","FixedIn":[{"Name":"backupninja","NamespaceName":"debian:9","VersionFormat":"dpkg","Version":"0.8-2","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2005-3111","Description":"The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.","Metadata":{},"Name":"CVE-2005-3111","CVSS":[]}}} +{ + "identifier": "debian:9/cve-2005-3111", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.", + "FixedIn": [ + { + "Name": "backupninja", + "NamespaceName": "debian:9", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0.8-2", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2005-3111", + "Metadata": {}, + "Name": "CVE-2005-3111", + "NamespaceName": "debian:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2007-2383.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2007-2383.json index 0be48889..e4805bf2 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2007-2383.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2007-2383.json @@ -1 +1,16 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:9/cve-2007-2383","item":{"Vulnerability":{"Severity":"Negligible","NamespaceName":"debian:9","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2007-2383","Description":"The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"","Metadata":{},"Name":"CVE-2007-2383","CVSS":[]}}} +{ + "identifier": "debian:9/cve-2007-2383", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2007-2383", + "Metadata": {}, + "Name": "CVE-2007-2383", + "NamespaceName": "debian:9", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2008-7220.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2008-7220.json index 89e5a29f..1d6a862e 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2008-7220.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2008-7220.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:9/cve-2008-7220","item":{"Vulnerability":{"Severity":"High","NamespaceName":"debian:9","FixedIn":[{"Name":"prototypejs","NamespaceName":"debian:9","VersionFormat":"dpkg","Version":"1.6.0.2-1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2008-7220","Description":"Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.","Metadata":{},"Name":"CVE-2008-7220","CVSS":[]}}} +{ + "identifier": "debian:9/cve-2008-7220", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.", + "FixedIn": [ + { + "Name": "prototypejs", + "NamespaceName": "debian:9", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.6.0.2-1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2008-7220", + "Metadata": {}, + "Name": "CVE-2008-7220", + "NamespaceName": "debian:9", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2013-1444.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2013-1444.json index 2ff71bbd..0e16894b 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2013-1444.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2013-1444.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:9/cve-2013-1444","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"debian:9","FixedIn":[{"Name":"txt2man","NamespaceName":"debian:9","VersionFormat":"dpkg","Version":"1.5.5-4.1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2013-1444","Description":"A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.","Metadata":{},"Name":"CVE-2013-1444","CVSS":[]}}} +{ + "identifier": "debian:9/cve-2013-1444", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.", + "FixedIn": [ + { + "Name": "txt2man", + "NamespaceName": "debian:9", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.5.5-4.1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2013-1444", + "Metadata": {}, + "Name": "CVE-2013-1444", + "NamespaceName": "debian:9", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2022-0456.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2022-0456.json index c6cad8ed..a5293bcc 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2022-0456.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:9/cve-2022-0456.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:9/cve-2022-0456","item":{"Vulnerability":{"Severity":"Negligible","NamespaceName":"debian:9","FixedIn":[{"Name":"chromium","NamespaceName":"debian:9","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2022-0456","Description":"","Metadata":{},"Name":"CVE-2022-0456","CVSS":[]}}} +{ + "identifier": "debian:9/cve-2022-0456", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "chromium", + "NamespaceName": "debian:9", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2022-0456", + "Metadata": {}, + "Name": "CVE-2022-0456", + "NamespaceName": "debian:9", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2005-3111.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2005-3111.json index 2593a80c..7e5ae381 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2005-3111.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2005-3111.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:unstable/cve-2005-3111","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"debian:unstable","FixedIn":[{"Name":"backupninja","NamespaceName":"debian:unstable","VersionFormat":"dpkg","Version":"0.8-2","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2005-3111","Description":"The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.","Metadata":{},"Name":"CVE-2005-3111","CVSS":[]}}} +{ + "identifier": "debian:unstable/cve-2005-3111", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.", + "FixedIn": [ + { + "Name": "backupninja", + "NamespaceName": "debian:unstable", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0.8-2", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2005-3111", + "Metadata": {}, + "Name": "CVE-2005-3111", + "NamespaceName": "debian:unstable", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2007-2383.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2007-2383.json index a954a39b..bff7d51f 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2007-2383.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2007-2383.json @@ -1 +1,16 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:unstable/cve-2007-2383","item":{"Vulnerability":{"Severity":"Negligible","NamespaceName":"debian:unstable","FixedIn":[],"Link":"https://security-tracker.debian.org/tracker/CVE-2007-2383","Description":"The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"","Metadata":{},"Name":"CVE-2007-2383","CVSS":[]}}} +{ + "identifier": "debian:unstable/cve-2007-2383", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"", + "FixedIn": [], + "Link": "https://security-tracker.debian.org/tracker/CVE-2007-2383", + "Metadata": {}, + "Name": "CVE-2007-2383", + "NamespaceName": "debian:unstable", + "Severity": "Negligible" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2008-7220.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2008-7220.json index d90119cb..6b6dce3e 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2008-7220.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2008-7220.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:unstable/cve-2008-7220","item":{"Vulnerability":{"Severity":"High","NamespaceName":"debian:unstable","FixedIn":[{"Name":"prototypejs","NamespaceName":"debian:unstable","VersionFormat":"dpkg","Version":"1.6.0.2-1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2008-7220","Description":"Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.","Metadata":{},"Name":"CVE-2008-7220","CVSS":[]}}} +{ + "identifier": "debian:unstable/cve-2008-7220", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors.", + "FixedIn": [ + { + "Name": "prototypejs", + "NamespaceName": "debian:unstable", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.6.0.2-1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2008-7220", + "Metadata": {}, + "Name": "CVE-2008-7220", + "NamespaceName": "debian:unstable", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2013-1444.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2013-1444.json index b1b53ddd..83725696 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2013-1444.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2013-1444.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:unstable/cve-2013-1444","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"debian:unstable","FixedIn":[{"Name":"txt2man","NamespaceName":"debian:unstable","VersionFormat":"dpkg","Version":"1.5.5-4.1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2013-1444","Description":"A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.","Metadata":{},"Name":"CVE-2013-1444","CVSS":[]}}} +{ + "identifier": "debian:unstable/cve-2013-1444", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.", + "FixedIn": [ + { + "Name": "txt2man", + "NamespaceName": "debian:unstable", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "1.5.5-4.1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2013-1444", + "Metadata": {}, + "Name": "CVE-2013-1444", + "NamespaceName": "debian:unstable", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2022-0456.json b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2022-0456.json index d74f2de5..b3b2acc2 100644 --- a/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2022-0456.json +++ b/tests/unit/providers/debian/test-fixtures/snapshots/debian:unstable/cve-2022-0456.json @@ -1 +1,27 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"debian:unstable/cve-2022-0456","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"debian:unstable","FixedIn":[{"Name":"chromium","NamespaceName":"debian:unstable","VersionFormat":"dpkg","Version":"98.0.4758.80-1","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Link":"https://security-tracker.debian.org/tracker/CVE-2022-0456","Description":"","Metadata":{},"Name":"CVE-2022-0456","CVSS":[]}}} +{ + "identifier": "debian:unstable/cve-2022-0456", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "chromium", + "NamespaceName": "debian:unstable", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "98.0.4758.80-1", + "VersionFormat": "dpkg" + } + ], + "Link": "https://security-tracker.debian.org/tracker/CVE-2022-0456", + "Metadata": {}, + "Name": "CVE-2022-0456", + "NamespaceName": "debian:unstable", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/github/test-fixtures/snapshots/github:java/ghsa-mh6f-8j2x-4483.json b/tests/unit/providers/github/test-fixtures/snapshots/github:java/ghsa-mh6f-8j2x-4483.json index 6895e590..47f7daf8 100644 --- a/tests/unit/providers/github/test-fixtures/snapshots/github:java/ghsa-mh6f-8j2x-4483.json +++ b/tests/unit/providers/github/test-fixtures/snapshots/github:java/ghsa-mh6f-8j2x-4483.json @@ -1 +1,42 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/github-security-advisory/schema-1.0.1.json","identifier":"github:java/ghsa-mh6f-8j2x-4483","item":{"Vulnerability":{},"Advisory":{"Classification":"GENERAL","Severity":"Critical","CVSS":{"version":"3.1","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","base_metrics":{"base_score":9.8,"exploitability_score":3.9,"impact_score":5.9,"base_severity":"Critical"},"status":"N/A"},"FixedIn":[{"name":"org.webjars.npm:jquery","identifier":"1.9.0","ecosystem":"java","namespace":"github:java","range":">= 1.7.1 <= 1.8.3"}],"Summary":"Critical severity vulnerability that affects flatmap-stream and event-stream","url":"https://github.com/advisories/GHSA-mh6f-8j2x-4483","CVE":[],"Metadata":{"CVE":[]},"ghsaId":"GHSA-mh6f-8j2x-4483","published":"2018-11-26T23:58:21Z","updated":"2023-01-12T05:08:40Z","withdrawn":null,"namespace":"github:java"}}} +{ + "identifier": "github:java/ghsa-mh6f-8j2x-4483", + "item": { + "Advisory": { + "CVE": [], + "CVSS": { + "base_metrics": { + "base_score": 9.8, + "base_severity": "Critical", + "exploitability_score": 3.9, + "impact_score": 5.9 + }, + "status": "N/A", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "Classification": "GENERAL", + "FixedIn": [ + { + "ecosystem": "java", + "identifier": "1.9.0", + "name": "org.webjars.npm:jquery", + "namespace": "github:java", + "range": ">= 1.7.1 <= 1.8.3" + } + ], + "Metadata": { + "CVE": [] + }, + "Severity": "Critical", + "Summary": "Critical severity vulnerability that affects flatmap-stream and event-stream", + "ghsaId": "GHSA-mh6f-8j2x-4483", + "namespace": "github:java", + "published": "2018-11-26T23:58:21Z", + "updated": "2023-01-12T05:08:40Z", + "url": "https://github.com/advisories/GHSA-mh6f-8j2x-4483", + "withdrawn": null + }, + "Vulnerability": {} + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/github-security-advisory/schema-1.0.1.json" +} diff --git a/tests/unit/providers/github/test-fixtures/snapshots/github:npm/ghsa-mh6f-8j2x-4483.json b/tests/unit/providers/github/test-fixtures/snapshots/github:npm/ghsa-mh6f-8j2x-4483.json index e182061d..c7066190 100644 --- a/tests/unit/providers/github/test-fixtures/snapshots/github:npm/ghsa-mh6f-8j2x-4483.json +++ b/tests/unit/providers/github/test-fixtures/snapshots/github:npm/ghsa-mh6f-8j2x-4483.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/github-security-advisory/schema-1.0.1.json","identifier":"github:npm/ghsa-mh6f-8j2x-4483","item":{"Vulnerability":{},"Advisory":{"Classification":"GENERAL","Severity":"Critical","CVSS":{"version":"3.1","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","base_metrics":{"base_score":9.8,"exploitability_score":3.9,"impact_score":5.9,"base_severity":"Critical"},"status":"N/A"},"FixedIn":[{"name":"flatmap-stream","identifier":"None","ecosystem":"npm","namespace":"github:npm","range":""},{"name":"event-stream","identifier":"4.0.0","ecosystem":"npm","namespace":"github:npm","range":""}],"Summary":"Critical severity vulnerability that affects flatmap-stream and event-stream","url":"https://github.com/advisories/GHSA-mh6f-8j2x-4483","CVE":[],"Metadata":{"CVE":[]},"ghsaId":"GHSA-mh6f-8j2x-4483","published":"2018-11-26T23:58:21Z","updated":"2023-01-12T05:08:40Z","withdrawn":null,"namespace":"github:npm"}}} +{ + "identifier": "github:npm/ghsa-mh6f-8j2x-4483", + "item": { + "Advisory": { + "CVE": [], + "CVSS": { + "base_metrics": { + "base_score": 9.8, + "base_severity": "Critical", + "exploitability_score": 3.9, + "impact_score": 5.9 + }, + "status": "N/A", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "Classification": "GENERAL", + "FixedIn": [ + { + "ecosystem": "npm", + "identifier": "None", + "name": "flatmap-stream", + "namespace": "github:npm", + "range": "" + }, + { + "ecosystem": "npm", + "identifier": "4.0.0", + "name": "event-stream", + "namespace": "github:npm", + "range": "" + } + ], + "Metadata": { + "CVE": [] + }, + "Severity": "Critical", + "Summary": "Critical severity vulnerability that affects flatmap-stream and event-stream", + "ghsaId": "GHSA-mh6f-8j2x-4483", + "namespace": "github:npm", + "published": "2018-11-26T23:58:21Z", + "updated": "2023-01-12T05:08:40Z", + "url": "https://github.com/advisories/GHSA-mh6f-8j2x-4483", + "withdrawn": null + }, + "Vulnerability": {} + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/github-security-advisory/schema-1.0.1.json" +} diff --git a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json index f2432f52..00a07171 100644 --- a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json +++ b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"mariner:2.0/CVE-2022-3736","item":{"Vulnerability":{"Name":"CVE-2022-3736","NamespaceName":"mariner:2.0","Description":"CVE-2022-3736 affecting package bind 9.16.33-1. No patch is available currently.","Severity":"High","Link":"https://nvd.nist.gov/vuln/detail/CVE-2022-3736","CVSS":[],"FixedIn":[{"Name":"bind","NamespaceName":"mariner:2.0","VersionFormat":"rpm","Version":"None","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]},"VulnerableRange":"<= 0:9.16.33-1.cm2"}],"Metadata":{}}}} +{ + "identifier": "mariner:2.0/CVE-2022-3736", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "CVE-2022-3736 affecting package bind 9.16.33-1. No patch is available currently.", + "FixedIn": [ + { + "Module": "", + "Name": "bind", + "NamespaceName": "mariner:2.0", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "rpm", + "VulnerableRange": "<= 0:9.16.33-1.cm2" + } + ], + "Link": "https://nvd.nist.gov/vuln/detail/CVE-2022-3736", + "Metadata": {}, + "Name": "CVE-2022-3736", + "NamespaceName": "mariner:2.0", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json index da5bcc9e..e56feaeb 100644 --- a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json +++ b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"mariner:2.0/CVE-2023-21977","item":{"Vulnerability":{"Name":"CVE-2023-21977","NamespaceName":"mariner:2.0","Description":"CVE-2023-21977 affecting package mysql 8.0.32-1. An upgraded version of the package is available that resolves this issue.","Severity":"Medium","Link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21977","CVSS":[],"FixedIn":[{"Name":"mysql","NamespaceName":"mariner:2.0","VersionFormat":"rpm","Version":"0:8.0.33-1.cm2","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]},"VulnerableRange":"< 0:8.0.33-1.cm2"}],"Metadata":{}}}} +{ + "identifier": "mariner:2.0/CVE-2023-21977", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "CVE-2023-21977 affecting package mysql 8.0.32-1. An upgraded version of the package is available that resolves this issue.", + "FixedIn": [ + { + "Module": "", + "Name": "mysql", + "NamespaceName": "mariner:2.0", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0:8.0.33-1.cm2", + "VersionFormat": "rpm", + "VulnerableRange": "< 0:8.0.33-1.cm2" + } + ], + "Link": "https://nvd.nist.gov/vuln/detail/CVE-2023-21977", + "Metadata": {}, + "Name": "CVE-2023-21977", + "NamespaceName": "mariner:2.0", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json index f6946145..239ddcc0 100644 --- a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json +++ b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"mariner:2.0/CVE-2023-21980","item":{"Vulnerability":{"Name":"CVE-2023-21980","NamespaceName":"mariner:2.0","Description":"CVE-2023-21980 affecting package mysql 8.0.32-1. An upgraded version of the package is available that resolves this issue.","Severity":"High","Link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21980","CVSS":[],"FixedIn":[{"Name":"mysql","NamespaceName":"mariner:2.0","VersionFormat":"rpm","Version":"0:8.0.33-1.cm2","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]},"VulnerableRange":"< 0:8.0.33-1.cm2"}],"Metadata":{}}}} +{ + "identifier": "mariner:2.0/CVE-2023-21980", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "CVE-2023-21980 affecting package mysql 8.0.32-1. An upgraded version of the package is available that resolves this issue.", + "FixedIn": [ + { + "Module": "", + "Name": "mysql", + "NamespaceName": "mariner:2.0", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0:8.0.33-1.cm2", + "VersionFormat": "rpm", + "VulnerableRange": "< 0:8.0.33-1.cm2" + } + ], + "Link": "https://nvd.nist.gov/vuln/detail/CVE-2023-21980", + "Metadata": {}, + "Name": "CVE-2023-21980", + "NamespaceName": "mariner:2.0", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-29404.json b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-29404.json index e193890e..b9eb836b 100644 --- a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-29404.json +++ b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-29404.json @@ -1 +1,29 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"mariner:2.0/CVE-2023-29404","item":{"Vulnerability":{"Name":"CVE-2023-29404","NamespaceName":"mariner:2.0","Description":"CVE-2023-29404 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available.","Severity":"Critical","Link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29404","CVSS":[],"FixedIn":[{"Name":"golang","NamespaceName":"mariner:2.0","VersionFormat":"rpm","Version":"0:1.20.7-1.cm2","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]},"VulnerableRange":"> 0:1.19.0.cm2, < 0:1.20.7-1.cm2"}],"Metadata":{}}}} +{ + "identifier": "mariner:2.0/CVE-2023-29404", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "CVE-2023-29404 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available.", + "FixedIn": [ + { + "Module": "", + "Name": "golang", + "NamespaceName": "mariner:2.0", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0:1.20.7-1.cm2", + "VersionFormat": "rpm", + "VulnerableRange": "> 0:1.19.0.cm2, < 0:1.20.7-1.cm2" + } + ], + "Link": "https://nvd.nist.gov/vuln/detail/CVE-2023-29404", + "Metadata": {}, + "Name": "CVE-2023-29404", + "NamespaceName": "mariner:2.0", + "Severity": "Critical" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-20581.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-20581.json index 40133c0e..4bad7be1 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-20581.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-20581.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2021/cve-2021-20581","item":{"cve":{"id":"CVE-2021-20581","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:09.813","lastModified":"2023-10-18T17:58:51.443","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información confidencial debido a una expiración insuficiente de la sesión. ID de IBM X-Force: 199324."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-613"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/199324","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2021/cve-2021-20581", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información confidencial debido a una expiración insuficiente de la sesión. ID de IBM X-Force: 199324." + } + ], + "id": "CVE-2021-20581", + "lastModified": "2023-10-18T17:58:51.443", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:09.813", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199324" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-613" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-613" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-29913.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-29913.json index dab057d3..ea33f74d 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-29913.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-29913.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2021/cve-2021-29913","item":{"cve":{"id":"CVE-2021-29913","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:09.910","lastModified":"2023-10-18T17:59:20.763","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premise 11.5 could allow an authenticated user to obtain sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 207898.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premise 11.5 podría permitir que un usuario autenticado obtenga información confidencial o realice acciones no autorizadas debido a una validación de entrada incorrecta. ID de IBM X-Force: 207898."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.3,"impactScore":4.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/207898","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2021/cve-2021-29913", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premise 11.5 could allow an authenticated user to obtain sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 207898.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premise 11.5 podría permitir que un usuario autenticado obtenga información confidencial o realice acciones no autorizadas debido a una validación de entrada incorrecta. ID de IBM X-Force: 207898." + } + ], + "id": "CVE-2021-29913", + "lastModified": "2023-10-18T17:59:20.763", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 1.3, + "impactScore": 4.7, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:09.910", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/207898" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-38859.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-38859.json index 67f91ec6..c0fa4a2f 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-38859.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2021/cve-2021-38859.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2021/cve-2021-38859","item":{"cve":{"id":"CVE-2021-38859","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:10.000","lastModified":"2023-10-18T17:59:31.703","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain version number information using a specially crafted HTTP request that could be used in further attacks against the system. IBM X-Force ID: 207899.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información del número de versión mediante una solicitud HTTP especialmente manipulada que podría usarse en futuros ataques contra el System. ID de IBM X-Force: 207899."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/207899","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2021/cve-2021-38859", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain version number information using a specially crafted HTTP request that could be used in further attacks against the system. IBM X-Force ID: 207899.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información del número de versión mediante una solicitud HTTP especialmente manipulada que podría usarse en futuros ataques contra el System. ID de IBM X-Force: 207899." + } + ], + "id": "CVE-2021-38859", + "lastModified": "2023-10-18T17:59:31.703", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:10.000", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/207899" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22375.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22375.json index 8fc49239..f36dd18e 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22375.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22375.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-22375","item":{"cve":{"id":"CVE-2022-22375","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:10.090","lastModified":"2023-10-18T17:59:45.190","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el System enviando una solicitud especialmente manipulada. ID de IBM X-Force: 221681."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221681","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-22375", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el System enviando una solicitud especialmente manipulada. ID de IBM X-Force: 221681." + } + ], + "id": "CVE-2022-22375", + "lastModified": "2023-10-18T17:59:45.190", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:10.090", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221681" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22377.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22377.json index b4282a49..f4cccdf6 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22377.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22377.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-22377","item":{"cve":{"id":"CVE-2022-22377","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T01:15:09.687","lastModified":"2023-10-18T17:57:47.170","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221827."},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto obtenga información confidencial, causada por no habilitar correctamente HTTP Strict Transport Security. Un atacante podría aprovechar esta vulnerabilidad para obtener información confidencial utilizando técnicas de intermediario. ID de IBM X-Force: 221827."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.6,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221827","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-22377", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221827." + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto obtenga información confidencial, causada por no habilitar correctamente HTTP Strict Transport Security. Un atacante podría aprovechar esta vulnerabilidad para obtener información confidencial utilizando técnicas de intermediario. ID de IBM X-Force: 221827." + } + ], + "id": "CVE-2022-22377", + "lastModified": "2023-10-18T17:57:47.170", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T01:15:09.687", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221827" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-311" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-311" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22380.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22380.json index c12e784e..d3402b59 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22380.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22380.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-22380","item":{"cve":{"id":"CVE-2022-22380","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:10.177","lastModified":"2023-10-18T18:00:02.107","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante falsificar una entidad de confianza debido a una validación incorrecta de los certificados. ID de IBM X-Force: 221957."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":5.0,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.6,"impactScore":3.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221957","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-22380", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante falsificar una entidad de confianza debido a una validación incorrecta de los certificados. ID de IBM X-Force: 221957." + } + ], + "id": "CVE-2022-22380", + "lastModified": "2023-10-18T18:00:02.107", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.0, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.4, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:10.177", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221957" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22384.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22384.json index 142470d1..e3de780d 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22384.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22384.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-22384","item":{"cve":{"id":"CVE-2022-22384","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T01:15:09.773","lastModified":"2023-10-18T17:58:36.670","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could allow an attacker to modify messages returned from the server due to hazardous input validation. IBM X-Force ID: 221961.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante modificar los mensajes devueltos por el servidor debido a una validación de entrada peligrosa. ID de IBM X-Force: 221961."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221961","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-22384", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could allow an attacker to modify messages returned from the server due to hazardous input validation. IBM X-Force ID: 221961.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante modificar los mensajes devueltos por el servidor debido a una validación de entrada peligrosa. ID de IBM X-Force: 221961." + } + ], + "id": "CVE-2022-22384", + "lastModified": "2023-10-18T17:58:36.670", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T01:15:09.773", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221961" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22385.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22385.json index 33478ab2..ee565fb1 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22385.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-22385.json @@ -1 +1,141 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-22385","item":{"cve":{"id":"CVE-2022-22385","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:10.257","lastModified":"2023-10-18T18:00:15.817","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a un atacante debido a la transmisión de datos en texto plano. ID de IBM X-Force: 221962."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.9,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-319"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221962","source":"psirt@us.ibm.com","tags":["VDB Entry"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-22385", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a un atacante debido a la transmisión de datos en texto plano. ID de IBM X-Force: 221962." + } + ], + "id": "CVE-2022-22385", + "lastModified": "2023-10-18T18:00:15.817", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:10.257", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221962" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43889.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43889.json index 261300fd..a9a647a6 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43889.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43889.json @@ -1 +1,141 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-43889","item":{"cve":{"id":"CVE-2022-43889","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:10.427","lastModified":"2023-10-18T18:04:04.597","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240452.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a través de una solicitud HTTP que podría ayudar a un atacante en futuros ataques contra el System. ID de IBM X-Force: 240452."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/240452","source":"psirt@us.ibm.com","tags":["VDB Entry"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-43889", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240452.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a través de una solicitud HTTP que podría ayudar a un atacante en futuros ataques contra el System. ID de IBM X-Force: 240452." + } + ], + "id": "CVE-2022-43889", + "lastModified": "2023-10-18T18:04:04.597", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:10.427", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/240452" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43891.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43891.json index c486cb19..426d9d22 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43891.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43891.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-43891","item":{"cve":{"id":"CVE-2022-43891","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T03:15:09.520","lastModified":"2023-10-18T18:02:44.460","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 240454.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría usarse en futuros ataques contra el System. ID de IBM X-Force: 240454."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.7,"baseSeverity":"LOW"},"exploitabilityScore":1.2,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-209"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/240454","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-43891", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 240454.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría usarse en futuros ataques contra el System. ID de IBM X-Force: 240454." + } + ], + "id": "CVE-2022-43891", + "lastModified": "2023-10-18T18:02:44.460", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 2.7, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T03:15:09.520", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/240454" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43893.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43893.json index 779e2e6f..1715adc5 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43893.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2022/cve-2022-43893.json @@ -1 +1,142 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2022/cve-2022-43893","item":{"cve":{"id":"CVE-2022-43893","sourceIdentifier":"psirt@us.ibm.com","published":"2023-10-17T02:15:10.507","lastModified":"2023-10-18T18:03:11.993","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"\nIBM Security Verify Privilege On-Premises 11.5 could allow a privileged user to cause by using a malicious payload. IBM X-Force ID: 240634.\n\n"},{"lang":"es","value":"IBM Security Verify Privilege On-Premises 11.5 podría permitir que un usuario privilegiado cause una vulnerabilidad por el consumo de recursos de un payload malicioso. ID de IBM X-Force: 240634."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":4.4,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.8,"impactScore":3.6},{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW","baseScore":2.7,"baseSeverity":"LOW"},"exploitabilityScore":1.2,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*","versionEndExcluding":"11.5","matchCriteriaId":"CEE9CBED-455C-4B83-A735-76EE4C7E331A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/240534","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7047202","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]}]}}} +{ + "identifier": "2022/cve-2022-43893", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:ibm:security_verify_privilege_on-premises:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CEE9CBED-455C-4B83-A735-76EE4C7E331A", + "versionEndExcluding": "11.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + }, + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", + "vulnerable": false + }, + { + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", + "vulnerable": false + } + ], + "negate": false, + "operator": "OR" + } + ], + "operator": "AND" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Security Verify Privilege On-Premises 11.5 could allow a privileged user to cause by using a malicious payload. IBM X-Force ID: 240634.\n\n" + }, + { + "lang": "es", + "value": "IBM Security Verify Privilege On-Premises 11.5 podría permitir que un usuario privilegiado cause una vulnerabilidad por el consumo de recursos de un payload malicioso. ID de IBM X-Force: 240634." + } + ], + "id": "CVE-2022-43893", + "lastModified": "2023-10-18T18:03:11.993", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 2.7, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4, + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-17T02:15:10.507", + "references": [ + { + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ], + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/240534" + }, + { + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ], + "url": "https://www.ibm.com/support/pages/node/7047202" + } + ], + "sourceIdentifier": "psirt@us.ibm.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ], + "source": "psirt@us.ibm.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-20261.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-20261.json index f4665de9..2775cae8 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-20261.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-20261.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-20261","item":{"cve":{"id":"CVE-2023-20261","sourceIdentifier":"ykramarz@cisco.com","published":"2023-10-18T17:15:08.467","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system.\r\n\r This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user."}],"metrics":{"cvssMetricV31":[{"source":"ykramarz@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6}]},"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-lfi-OWLbKUGe","source":"ykramarz@cisco.com"}]}}} +{ + "identifier": "2023/cve-2023-20261", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system.\r\n\r This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user." + } + ], + "id": "CVE-2023-20261", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6, + "source": "ykramarz@cisco.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T17:15:08.467", + "references": [ + { + "source": "ykramarz@cisco.com", + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-lfi-OWLbKUGe" + } + ], + "sourceIdentifier": "ykramarz@cisco.com", + "vulnStatus": "Awaiting Analysis" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-22068.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-22068.json index 67af4fd9..6c0a56d5 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-22068.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-22068.json @@ -1 +1,92 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-22068","item":{"cve":{"id":"CVE-2023-22068","sourceIdentifier":"secalert_us@oracle.com","published":"2023-10-17T22:15:12.617","lastModified":"2023-10-18T17:56:38.083","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."},{"lang":"es","value":"Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: InnoDB). Las versiones compatibles que se ven afectadas son la 8.0.34 y anteriores y la 8.1.0. Una vulnerabilidad fácilmente explotable permite que un atacante con altos privilegios y acceso a la red a través de múltiples protocolos comprometa el servidor MySQL. Los ataques exitosos a esta vulnerabilidad pueden resultar en una capacidad no autorizada de provocar un bloqueo o una falla frecuentemente repetible (DOS completo) del servidor MySQL. CVSS 3.1 Puntuación base 4.9 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":4.9,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.2,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0","versionEndIncluding":"8.0.34","matchCriteriaId":"F5D3C348-07C4-4E6E-9E47-CECBEBA4223B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql:8.1.0:*:*:*:*:*:*:*","matchCriteriaId":"16FFE86C-A164-406B-93DA-A6A75D380FDF"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpuoct2023.html","source":"secalert_us@oracle.com","tags":["Vendor Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-22068", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", + "matchCriteriaId": "F5D3C348-07C4-4E6E-9E47-CECBEBA4223B", + "versionEndIncluding": "8.0.34", + "versionStartIncluding": "8.0", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:oracle:mysql:8.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "16FFE86C-A164-406B-93DA-A6A75D380FDF", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + }, + { + "lang": "es", + "value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: InnoDB). Las versiones compatibles que se ven afectadas son la 8.0.34 y anteriores y la 8.1.0. Una vulnerabilidad fácilmente explotable permite que un atacante con altos privilegios y acceso a la red a través de múltiples protocolos comprometa el servidor MySQL. Los ataques exitosos a esta vulnerabilidad pueden resultar en una capacidad no autorizada de provocar un bloqueo o una falla frecuentemente repetible (DOS completo) del servidor MySQL. CVSS 3.1 Puntuación base 4.9 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ], + "id": "CVE-2023-22068", + "lastModified": "2023-10-18T17:56:38.083", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6, + "source": "secalert_us@oracle.com", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T22:15:12.617", + "references": [ + { + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ], + "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" + } + ], + "sourceIdentifier": "secalert_us@oracle.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-27314.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-27314.json index e8f56bc9..c966fe2e 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-27314.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-27314.json @@ -1 +1,157 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-27314","item":{"cve":{"id":"CVE-2023-27314","sourceIdentifier":"security-alert@netapp.com","published":"2023-10-12T19:15:11.747","lastModified":"2023-10-18T18:00:24.900","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, \n9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow\n a remote unauthenticated attacker to cause a crash of the HTTP service."},{"lang":"es","value":"Las versiones de ONTAP 9 anteriores a 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 y 9.13.1 son susceptibles a una vulnerabilidad que podría permitir que un atacante remoto no autenticado provoque una falla del servicio HTTP."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"security-alert@netapp.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"security-alert@netapp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0","versionEndExcluding":"9.8","matchCriteriaId":"D9342DC4-2928-49B6-AACA-95B3DE9C994A"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.8:-:*:*:*:*:*:*","matchCriteriaId":"BE523D87-B51F-41F2-9B6F-A85AB28FF3DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.8:p7:*:*:*:*:*:*","matchCriteriaId":"B353C687-391F-476E-9199-2D769842E019"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.9.1:-:*:*:*:*:*:*","matchCriteriaId":"E0284DC1-9FAA-4979-82C3-AB7347614C80"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.9.1:p3:*:*:*:*:*:*","matchCriteriaId":"76CBFD8A-CE4C-4337-8F22-397DDCC1B074"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.10.0:-:*:*:*:*:*:*","matchCriteriaId":"E932E75A-46F0-47AA-9EFE-11D7127D4015"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.10.1:-:*:*:*:*:*:*","matchCriteriaId":"F1A4278F-D9A9-4C39-AC53-AB35DB921E02"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.12.0:-:*:*:*:*:*:*","matchCriteriaId":"CABEEE42-6098-4259-ABAA-8D8D7BEEB0A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:9.13.0:-:*:*:*:*:*:*","matchCriteriaId":"BE4AE3BB-685A-466F-B4FA-D49D366C6598"}]}]}],"references":[{"url":"https://security.netapp.com/advisory/ntap-20231009-0001/","source":"security-alert@netapp.com","tags":["Vendor Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-27314", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", + "matchCriteriaId": "D9342DC4-2928-49B6-AACA-95B3DE9C994A", + "versionEndExcluding": "9.8", + "versionStartIncluding": "9.0", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.8:-:*:*:*:*:*:*", + "matchCriteriaId": "BE523D87-B51F-41F2-9B6F-A85AB28FF3DC", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.8:p7:*:*:*:*:*:*", + "matchCriteriaId": "B353C687-391F-476E-9199-2D769842E019", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.9.1:-:*:*:*:*:*:*", + "matchCriteriaId": "E0284DC1-9FAA-4979-82C3-AB7347614C80", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.9.1:p3:*:*:*:*:*:*", + "matchCriteriaId": "76CBFD8A-CE4C-4337-8F22-397DDCC1B074", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.10.0:-:*:*:*:*:*:*", + "matchCriteriaId": "E932E75A-46F0-47AA-9EFE-11D7127D4015", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.10.1:-:*:*:*:*:*:*", + "matchCriteriaId": "F1A4278F-D9A9-4C39-AC53-AB35DB921E02", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.12.0:-:*:*:*:*:*:*", + "matchCriteriaId": "CABEEE42-6098-4259-ABAA-8D8D7BEEB0A0", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.13.0:-:*:*:*:*:*:*", + "matchCriteriaId": "BE4AE3BB-685A-466F-B4FA-D49D366C6598", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, \n9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow\n a remote unauthenticated attacker to cause a crash of the HTTP service." + }, + { + "lang": "es", + "value": "Las versiones de ONTAP 9 anteriores a 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 y 9.13.1 son susceptibles a una vulnerabilidad que podría permitir que un atacante remoto no autenticado provoque una falla del servicio HTTP." + } + ], + "id": "CVE-2023-27314", + "lastModified": "2023-10-18T18:00:24.900", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6, + "source": "security-alert@netapp.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-12T19:15:11.747", + "references": [ + { + "source": "security-alert@netapp.com", + "tags": [ + "Vendor Advisory" + ], + "url": "https://security.netapp.com/advisory/ntap-20231009-0001/" + } + ], + "sourceIdentifier": "security-alert@netapp.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ], + "source": "security-alert@netapp.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-30781.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-30781.json index 034a451b..d2155428 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-30781.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-30781.json @@ -1 +1,65 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-30781","item":{"cve":{"id":"CVE-2023-30781","sourceIdentifier":"audit@patchstack.com","published":"2023-10-18T14:15:09.237","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Theme Blvd Tweeple plugin <= 0.9.5 versions."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Theme Blvd Tweeple en versiones <= 0.9.5."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/tweeple/wordpress-tweeple-plugin-0-9-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}} +{ + "identifier": "2023/cve-2023-30781", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Theme Blvd Tweeple plugin <= 0.9.5 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Theme Blvd Tweeple en versiones <= 0.9.5." + } + ], + "id": "CVE-2023-30781", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T14:15:09.237", + "references": [ + { + "source": "audit@patchstack.com", + "url": "https://patchstack.com/database/vulnerability/tweeple/wordpress-tweeple-plugin-0-9-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3706.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3706.json index 7e0e0a1e..dd849539 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3706.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3706.json @@ -1 +1,87 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-3706","item":{"cve":{"id":"CVE-2023-3706","sourceIdentifier":"contact@wpscan.com","published":"2023-10-16T20:15:14.780","lastModified":"2023-10-18T17:56:56.103","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"The ActivityPub WordPress plugin before 1.0.0 does not ensure that post titles to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the title of arbitrary post (such as draft and private) via an IDOR vector"},{"lang":"es","value":"El complemento ActivityPub de WordPress anterior a 1.0.0 no garantiza que los títulos de las publicaciones que se mostrarán sean públicos y pertenezcan al complemento, lo que permite a cualquier usuario autenticado, como un suscriptor, recuperar el título de una publicación arbitraria (como borrador y privada) a través de un IDOR vector"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"contact@wpscan.com","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:automattic:activitypub:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"1.0.0","matchCriteriaId":"78ADABE4-21BE-4F20-BE6D-BB12EDBCD26F"}]}]}],"references":[{"url":"https://wpscan.com/vulnerability/daa4d93a-f8b1-4809-a18e-8ab63a05de5a","source":"contact@wpscan.com","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-3706", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:automattic:activitypub:*:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "78ADABE4-21BE-4F20-BE6D-BB12EDBCD26F", + "versionEndExcluding": "1.0.0", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The ActivityPub WordPress plugin before 1.0.0 does not ensure that post titles to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the title of arbitrary post (such as draft and private) via an IDOR vector" + }, + { + "lang": "es", + "value": "El complemento ActivityPub de WordPress anterior a 1.0.0 no garantiza que los títulos de las publicaciones que se mostrarán sean públicos y pertenezcan al complemento, lo que permite a cualquier usuario autenticado, como un suscriptor, recuperar el título de una publicación arbitraria (como borrador y privada) a través de un IDOR vector" + } + ], + "id": "CVE-2023-3706", + "lastModified": "2023-10-18T17:56:56.103", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-16T20:15:14.780", + "references": [ + { + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://wpscan.com/vulnerability/daa4d93a-f8b1-4809-a18e-8ab63a05de5a" + } + ], + "sourceIdentifier": "contact@wpscan.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ], + "source": "contact@wpscan.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3707.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3707.json index 46d49ab0..cf33dfa8 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3707.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3707.json @@ -1 +1,87 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-3707","item":{"cve":{"id":"CVE-2023-3707","sourceIdentifier":"contact@wpscan.com","published":"2023-10-16T20:15:14.883","lastModified":"2023-10-18T17:57:04.757","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"The ActivityPub WordPress plugin before 1.0.0 does not ensure that post contents to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the content of arbitrary post (such as draft and private) via an IDOR vector. Password protected posts are not affected by this issue."},{"lang":"es","value":"El complemento ActivityPub de WordPress anterior a 1.0.0 no garantiza que los contenidos de las publicaciones que se mostrarán sean públicos y pertenezcan al complemento, lo que permite a cualquier usuario autenticado, como un suscriptor, recuperar el contenido de una publicación arbitraria (como borrador y privada) a través de un IDOR vector. Las publicaciones protegidas con contraseña no se ven afectadas por este problema."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"contact@wpscan.com","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:automattic:activitypub:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"1.0.0","matchCriteriaId":"78ADABE4-21BE-4F20-BE6D-BB12EDBCD26F"}]}]}],"references":[{"url":"https://wpscan.com/vulnerability/541bbe4c-3295-4073-901d-763556269f48","source":"contact@wpscan.com","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-3707", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:automattic:activitypub:*:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "78ADABE4-21BE-4F20-BE6D-BB12EDBCD26F", + "versionEndExcluding": "1.0.0", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The ActivityPub WordPress plugin before 1.0.0 does not ensure that post contents to be displayed are public and belong to the plugin, allowing any authenticated user, such as subscriber to retrieve the content of arbitrary post (such as draft and private) via an IDOR vector. Password protected posts are not affected by this issue." + }, + { + "lang": "es", + "value": "El complemento ActivityPub de WordPress anterior a 1.0.0 no garantiza que los contenidos de las publicaciones que se mostrarán sean públicos y pertenezcan al complemento, lo que permite a cualquier usuario autenticado, como un suscriptor, recuperar el contenido de una publicación arbitraria (como borrador y privada) a través de un IDOR vector. Las publicaciones protegidas con contraseña no se ven afectadas por este problema." + } + ], + "id": "CVE-2023-3707", + "lastModified": "2023-10-18T17:57:04.757", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-16T20:15:14.883", + "references": [ + { + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://wpscan.com/vulnerability/541bbe4c-3295-4073-901d-763556269f48" + } + ], + "sourceIdentifier": "contact@wpscan.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ], + "source": "contact@wpscan.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3746.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3746.json index 0739037e..67cabf5e 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3746.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-3746.json @@ -1 +1,87 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-3746","item":{"cve":{"id":"CVE-2023-3746","sourceIdentifier":"contact@wpscan.com","published":"2023-10-16T20:15:15.010","lastModified":"2023-10-18T17:57:14.660","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"The ActivityPub WordPress plugin before 1.0.0 does not sanitize and escape some data from post content, which could allow contributor and above role to perform Stored Cross-Site Scripting attacks"},{"lang":"es","value":"El complemento ActivityPub de WordPress anterior a 1.0.0 no sanitiza ni escapa algunos datos del contenido de la publicación, lo que podría permitir que el colaborador y el rol superior realicen ataques de Cross-Site Scripting almacenados."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"contact@wpscan.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:automattic:activitypub:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"1.0.0","matchCriteriaId":"78ADABE4-21BE-4F20-BE6D-BB12EDBCD26F"}]}]}],"references":[{"url":"https://wpscan.com/vulnerability/c15a6032-6495-47a8-828c-37e55ed9665a","source":"contact@wpscan.com","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-3746", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:automattic:activitypub:*:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "78ADABE4-21BE-4F20-BE6D-BB12EDBCD26F", + "versionEndExcluding": "1.0.0", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The ActivityPub WordPress plugin before 1.0.0 does not sanitize and escape some data from post content, which could allow contributor and above role to perform Stored Cross-Site Scripting attacks" + }, + { + "lang": "es", + "value": "El complemento ActivityPub de WordPress anterior a 1.0.0 no sanitiza ni escapa algunos datos del contenido de la publicación, lo que podría permitir que el colaborador y el rol superior realicen ataques de Cross-Site Scripting almacenados." + } + ], + "id": "CVE-2023-3746", + "lastModified": "2023-10-18T17:57:14.660", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-16T20:15:15.010", + "references": [ + { + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://wpscan.com/vulnerability/c15a6032-6495-47a8-828c-37e55ed9665a" + } + ], + "sourceIdentifier": "contact@wpscan.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "contact@wpscan.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-43250.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-43250.json index 317efe20..83ac6f35 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-43250.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-43250.json @@ -1 +1,38 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-43250","item":{"cve":{"id":"CVE-2023-43250","sourceIdentifier":"cve@mitre.org","published":"2023-10-18T16:15:08.790","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution."}],"metrics":{},"references":[{"url":"http://packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html","source":"cve@mitre.org"},{"url":"http://seclists.org/fulldisclosure/2023/Oct/15","source":"cve@mitre.org"},{"url":"https://github.com/mrtouch93/exploits/tree/main/NConvert7.136/User%20Mode%20Write%20AV","source":"cve@mitre.org"},{"url":"https://www.xnview.com/en/nconvert/","source":"cve@mitre.org"}]}}} +{ + "identifier": "2023/cve-2023-43250", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution." + } + ], + "id": "CVE-2023-43250", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": {}, + "published": "2023-10-18T16:15:08.790", + "references": [ + { + "source": "cve@mitre.org", + "url": "http://packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html" + }, + { + "source": "cve@mitre.org", + "url": "http://seclists.org/fulldisclosure/2023/Oct/15" + }, + { + "source": "cve@mitre.org", + "url": "https://github.com/mrtouch93/exploits/tree/main/NConvert7.136/User%20Mode%20Write%20AV" + }, + { + "source": "cve@mitre.org", + "url": "https://www.xnview.com/en/nconvert/" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Awaiting Analysis" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45109.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45109.json index 5e52c3f1..320a2c2c 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45109.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45109.json @@ -1 +1,106 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45109","item":{"cve":{"id":"CVE-2023-45109","sourceIdentifier":"audit@patchstack.com","published":"2023-10-13T14:15:10.193","lastModified":"2023-10-18T16:05:00.017","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Cross-Site Request Forgery (CSRF) vulnerability in ZAKSTAN WhitePage plugin <= 1.1.5 versions."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento ZAKSTAN WhitePage en versiones <= 1.1.5."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":5.4,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.5}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:myback.link:whitepage:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.1.5","matchCriteriaId":"DFF5644D-0359-48E0-9E97-98EAFE8543BF"}]}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/white-page-publication/wordpress-whitepage-plugin-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45109", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:myback.link:whitepage:*:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "DFF5644D-0359-48E0-9E97-98EAFE8543BF", + "versionEndIncluding": "1.1.5", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in ZAKSTAN WhitePage plugin <= 1.1.5 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento ZAKSTAN WhitePage en versiones <= 1.1.5." + } + ], + "id": "CVE-2023-45109", + "lastModified": "2023-10-18T16:05:00.017", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-13T14:15:10.193", + "references": [ + { + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ], + "url": "https://patchstack.com/database/vulnerability/white-page-publication/wordpress-whitepage-plugin-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45383.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45383.json index 08535a8c..e70a369b 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45383.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45383.json @@ -1 +1,30 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45383","item":{"cve":{"id":"CVE-2023-45383","sourceIdentifier":"cve@mitre.org","published":"2023-10-18T16:15:08.853","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"In the module \"SoNice etiquetage\" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system."}],"metrics":{},"references":[{"url":"https://common-services.com/fr/home-fr/","source":"cve@mitre.org"},{"url":"https://security.friendsofpresta.org/modules/2023/10/17/sonice_etiquetage.html","source":"cve@mitre.org"}]}}} +{ + "identifier": "2023/cve-2023-45383", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "In the module \"SoNice etiquetage\" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system." + } + ], + "id": "CVE-2023-45383", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": {}, + "published": "2023-10-18T16:15:08.853", + "references": [ + { + "source": "cve@mitre.org", + "url": "https://common-services.com/fr/home-fr/" + }, + { + "source": "cve@mitre.org", + "url": "https://security.friendsofpresta.org/modules/2023/10/17/sonice_etiquetage.html" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Awaiting Analysis" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45391.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45391.json index 89bdcf68..baf2bf89 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45391.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45391.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45391","item":{"cve":{"id":"CVE-2023-45391","sourceIdentifier":"cve@mitre.org","published":"2023-10-13T14:15:10.587","lastModified":"2023-10-18T15:06:56.997","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting (XSS) Almacenada en la función Create A New Employee de Granding UTime Master v9.0.7-Build:Apr 4,2023 permite a atacantes autenticados ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el parámetro First Name."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":4.8,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.7,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:grandingteco:utime_master:9.0.7:*:*:*:*:*:*:*","matchCriteriaId":"A0A22621-1A83-4F7F-BDDF-6E29F9C73DA9"}]}]}],"references":[{"url":"https://the-it-wonders.blogspot.com/2023/10/granding-utime-master-stored-xss.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45391", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:grandingteco:utime_master:9.0.7:*:*:*:*:*:*:*", + "matchCriteriaId": "A0A22621-1A83-4F7F-BDDF-6E29F9C73DA9", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A stored cross-site scripting (XSS) vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) Almacenada en la función Create A New Employee de Granding UTime Master v9.0.7-Build:Apr 4,2023 permite a atacantes autenticados ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el parámetro First Name." + } + ], + "id": "CVE-2023-45391", + "lastModified": "2023-10-18T15:06:56.997", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-13T14:15:10.587", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://the-it-wonders.blogspot.com/2023/10/granding-utime-master-stored-xss.html" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45602.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45602.json index 4b8a0bf2..957a06f8 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45602.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45602.json @@ -1 +1,65 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45602","item":{"cve":{"id":"CVE-2023-45602","sourceIdentifier":"audit@patchstack.com","published":"2023-10-18T14:15:09.333","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.785 versions."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Shopfiles Ltd Ebook Store en versiones<= 5.785."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/ebook-store/wordpress-ebook-store-plugin-5-784-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}} +{ + "identifier": "2023/cve-2023-45602", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.785 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Shopfiles Ltd Ebook Store en versiones<= 5.785." + } + ], + "id": "CVE-2023-45602", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T14:15:09.333", + "references": [ + { + "source": "audit@patchstack.com", + "url": "https://patchstack.com/database/vulnerability/ebook-store/wordpress-ebook-store-plugin-5-784-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45604.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45604.json index 258755c1..a9c0e01f 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45604.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45604.json @@ -1 +1,65 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45604","item":{"cve":{"id":"CVE-2023-45604","sourceIdentifier":"audit@patchstack.com","published":"2023-10-18T14:15:09.407","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Scott Reilly Get Custom Field Values plugin <= 4.0.1 versions."},{"lang":"es","value":"Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Scott Reilly Get Custom Field Values en versiones <= 4.0.1."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":5.9,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.7,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/get-custom-field-values/wordpress-get-custom-field-values-plugin-4-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}} +{ + "identifier": "2023/cve-2023-45604", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Scott Reilly Get Custom Field Values plugin <= 4.0.1 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Scott Reilly Get Custom Field Values en versiones <= 4.0.1." + } + ], + "id": "CVE-2023-45604", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T14:15:09.407", + "references": [ + { + "source": "audit@patchstack.com", + "url": "https://patchstack.com/database/vulnerability/get-custom-field-values/wordpress-get-custom-field-values-plugin-4-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45607.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45607.json index 80d576cf..eea9157a 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45607.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45607.json @@ -1 +1,65 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45607","item":{"cve":{"id":"CVE-2023-45607","sourceIdentifier":"audit@patchstack.com","published":"2023-10-18T14:15:09.483","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Hector Cabrera WordPress Popular Posts plugin <= 6.3.2 versions."},{"lang":"es","value":"Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Hector Cabrera WordPress Popular Posts en versiones <= 6.3.2."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.3,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/wordpress-popular-posts/wordpress-popular-posts-plugin-6-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}} +{ + "identifier": "2023/cve-2023-45607", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Hector Cabrera WordPress Popular Posts plugin <= 6.3.2 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Hector Cabrera WordPress Popular Posts en versiones <= 6.3.2." + } + ], + "id": "CVE-2023-45607", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T14:15:09.483", + "references": [ + { + "source": "audit@patchstack.com", + "url": "https://patchstack.com/database/vulnerability/wordpress-popular-posts/wordpress-popular-posts-plugin-6-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45628.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45628.json index 12725318..5aec4e2d 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45628.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45628.json @@ -1 +1,65 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45628","item":{"cve":{"id":"CVE-2023-45628","sourceIdentifier":"audit@patchstack.com","published":"2023-10-18T14:15:09.557","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in QROkes QR Twitter Widget plugin <= 0.2.3 versions."},{"lang":"es","value":"Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento QROkes QR Twitter Widget en versiones <= 0.2.3."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.3,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/qr-twitter-widget/wordpress-qr-twitter-widget-plugin-0-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}} +{ + "identifier": "2023/cve-2023-45628", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in QROkes QR Twitter Widget plugin <= 0.2.3 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento QROkes QR Twitter Widget en versiones <= 0.2.3." + } + ], + "id": "CVE-2023-45628", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T14:15:09.557", + "references": [ + { + "source": "audit@patchstack.com", + "url": "https://patchstack.com/database/vulnerability/qr-twitter-widget/wordpress-qr-twitter-widget-plugin-0-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45630.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45630.json index 3a6629f0..7e4eee8e 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45630.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45630.json @@ -1 +1,65 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45630","item":{"cve":{"id":"CVE-2023-45630","sourceIdentifier":"audit@patchstack.com","published":"2023-10-18T14:15:09.637","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Unauth. Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting (XSS) Almacenada No Autenticada en el complemento wpdevart Gallery – Image and Video Gallery with Thumbnails en versiones <= 2.0.3."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}} +{ + "identifier": "2023/cve-2023-45630", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Almacenada No Autenticada en el complemento wpdevart Gallery – Image and Video Gallery with Thumbnails en versiones <= 2.0.3." + } + ], + "id": "CVE-2023-45630", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T14:15:09.637", + "references": [ + { + "source": "audit@patchstack.com", + "url": "https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45632.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45632.json index 935b6f8f..7aa85561 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45632.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45632.json @@ -1 +1,65 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45632","item":{"cve":{"id":"CVE-2023-45632","sourceIdentifier":"audit@patchstack.com","published":"2023-10-18T14:15:09.710","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WebDorado SpiderVPlayer plugin <= 1.5.22 versions."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento WebDorado SpiderVPlayer en versiones <= 1.5.22."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/player/wordpress-spidervplayer-plugin-1-5-22-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}} +{ + "identifier": "2023/cve-2023-45632", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WebDorado SpiderVPlayer plugin <= 1.5.22 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento WebDorado SpiderVPlayer en versiones <= 1.5.22." + } + ], + "id": "CVE-2023-45632", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7, + "source": "audit@patchstack.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T14:15:09.710", + "references": [ + { + "source": "audit@patchstack.com", + "url": "https://patchstack.com/database/vulnerability/player/wordpress-spidervplayer-plugin-1-5-22-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ], + "sourceIdentifier": "audit@patchstack.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "audit@patchstack.com", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45901.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45901.json index bfe34840..b5b7766d 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45901.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45901.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45901","item":{"cve":{"id":"CVE-2023-45901","sourceIdentifier":"cve@mitre.org","published":"2023-10-17T14:15:10.033","lastModified":"2023-10-18T17:55:22.477","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin\\/category\\/add."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contiene Cross-Site Request Forgery (CSRF) a través del componente /admin\\/category\\/add."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"F8278D9D-0CD5-4659-8BD6-8A4557D57C2C"}]}]}],"references":[{"url":"https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20in%20the%20newly%20added%20column%20of%20column%20management.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45901", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin\\/category\\/add." + }, + { + "lang": "es", + "value": "Se descubrió que Dreamer CMS v4.1.3 contiene Cross-Site Request Forgery (CSRF) a través del componente /admin\\/category\\/add." + } + ], + "id": "CVE-2023-45901", + "lastModified": "2023-10-18T17:55:22.477", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T14:15:10.033", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20in%20the%20newly%20added%20column%20of%20column%20management.md" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45902.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45902.json index c224b261..30a57878 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45902.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45902.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45902","item":{"cve":{"id":"CVE-2023-45902","sourceIdentifier":"cve@mitre.org","published":"2023-10-17T14:15:10.083","lastModified":"2023-10-18T17:55:36.060","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/attachment/delete."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/attachment/delete."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"F8278D9D-0CD5-4659-8BD6-8A4557D57C2C"}]}]}],"references":[{"url":"https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20in%20the%20attachment%20management%20deletion%20function.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45902", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/attachment/delete." + }, + { + "lang": "es", + "value": "Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/attachment/delete." + } + ], + "id": "CVE-2023-45902", + "lastModified": "2023-10-18T17:55:36.060", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T14:15:10.083", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20in%20the%20attachment%20management%20deletion%20function.md" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45903.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45903.json index 4319a750..162a4a8c 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45903.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45903.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45903","item":{"cve":{"id":"CVE-2023-45903","sourceIdentifier":"cve@mitre.org","published":"2023-10-17T14:15:10.140","lastModified":"2023-10-18T17:55:51.257","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/label/delete."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/label/delete."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"F8278D9D-0CD5-4659-8BD6-8A4557D57C2C"}]}]}],"references":[{"url":"https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20label%20management%20deletion%20function.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45903", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/label/delete." + }, + { + "lang": "es", + "value": "Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/label/delete." + } + ], + "id": "CVE-2023-45903", + "lastModified": "2023-10-18T17:55:51.257", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T14:15:10.140", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20label%20management%20deletion%20function.md" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45904.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45904.json index c5df8cc7..3d70b90a 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45904.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45904.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45904","item":{"cve":{"id":"CVE-2023-45904","sourceIdentifier":"cve@mitre.org","published":"2023-10-17T14:15:10.193","lastModified":"2023-10-18T17:55:56.933","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /variable/update."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /variable/update."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"F8278D9D-0CD5-4659-8BD6-8A4557D57C2C"}]}]}],"references":[{"url":"https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20variable%20management%20modification%20function.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45904", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /variable/update." + }, + { + "lang": "es", + "value": "Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /variable/update." + } + ], + "id": "CVE-2023-45904", + "lastModified": "2023-10-18T17:55:56.933", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T14:15:10.193", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20variable%20management%20modification%20function.md" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45905.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45905.json index 328050b4..4181a595 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45905.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45905.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45905","item":{"cve":{"id":"CVE-2023-45905","sourceIdentifier":"cve@mitre.org","published":"2023-10-17T14:15:10.247","lastModified":"2023-10-18T17:56:02.937","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/add."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/variable/add."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"F8278D9D-0CD5-4659-8BD6-8A4557D57C2C"}]}]}],"references":[{"url":"https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20variable%20management%20with%20added%20functionality.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45905", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/add." + }, + { + "lang": "es", + "value": "Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/variable/add." + } + ], + "id": "CVE-2023-45905", + "lastModified": "2023-10-18T17:56:02.937", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T14:15:10.247", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20variable%20management%20with%20added%20functionality.md" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45906.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45906.json index 52537e18..d150bb7e 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45906.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45906.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45906","item":{"cve":{"id":"CVE-2023-45906","sourceIdentifier":"cve@mitre.org","published":"2023-10-17T14:15:10.307","lastModified":"2023-10-18T17:56:08.690","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/user/add."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/user/add."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"F8278D9D-0CD5-4659-8BD6-8A4557D57C2C"}]}]}],"references":[{"url":"https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20in%20the%20user%20added%20function.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45906", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/user/add." + }, + { + "lang": "es", + "value": "Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/user/add." + } + ], + "id": "CVE-2023-45906", + "lastModified": "2023-10-18T17:56:08.690", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T14:15:10.307", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20in%20the%20user%20added%20function.md" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45907.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45907.json index 8b00e00d..af182f10 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45907.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-45907.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-45907","item":{"cve":{"id":"CVE-2023-45907","sourceIdentifier":"cve@mitre.org","published":"2023-10-17T14:15:10.360","lastModified":"2023-10-18T17:56:13.600","vulnStatus":"Analyzed","descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/delete."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/variable/delete."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"F8278D9D-0CD5-4659-8BD6-8A4557D57C2C"}]}]}],"references":[{"url":"https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20variable%20management%20deletion%20function.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}} +{ + "identifier": "2023/cve-2023-45907", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F8278D9D-0CD5-4659-8BD6-8A4557D57C2C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/delete." + }, + { + "lang": "es", + "value": "Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/variable/delete." + } + ], + "id": "CVE-2023-45907", + "lastModified": "2023-10-18T17:56:13.600", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9, + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + }, + "published": "2023-10-17T14:15:10.360", + "references": [ + { + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ], + "url": "https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20variable%20management%20deletion%20function.md" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Analyzed", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-46009.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-46009.json index 4834c0b6..161b8550 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-46009.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-46009.json @@ -1 +1,26 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-46009","item":{"cve":{"id":"CVE-2023-46009","sourceIdentifier":"cve@mitre.org","published":"2023-10-18T16:15:08.900","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream at src/xform.c."}],"metrics":{},"references":[{"url":"https://github.com/kohler/gifsicle/issues/196","source":"cve@mitre.org"}]}}} +{ + "identifier": "2023/cve-2023-46009", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream at src/xform.c." + } + ], + "id": "CVE-2023-46009", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": {}, + "published": "2023-10-18T16:15:08.900", + "references": [ + { + "source": "cve@mitre.org", + "url": "https://github.com/kohler/gifsicle/issues/196" + } + ], + "sourceIdentifier": "cve@mitre.org", + "vulnStatus": "Awaiting Analysis" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5631.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5631.json index 56ea6719..c938f07e 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5631.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5631.json @@ -1 +1,77 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-5631","item":{"cve":{"id":"CVE-2023-5631","sourceIdentifier":"security@eset.com","published":"2023-10-18T15:15:08.727","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"\nRoundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker\n\nto load arbitrary JavaScript code.\n\n\n\n\n\n\n\n"},{"lang":"es","value":"Roundcube anterior a 1.4.15, 1.5.x anterior a 1.5.5 y 1.6.x anterior a 1.6.4 permiten almacenar XSS a través de un mensaje de correo electrónico HTML con un documento SVG manipulado debido al comportamiento de program/lib/Roundcube/rcube_washtml.php. Esto podría permitir que un atacante remoto cargue código JavaScript arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"security@eset.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security@eset.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/roundcube/roundcubemail/commit/6ee6e7ae301e165e2b2cb703edf75552e5376613","source":"security@eset.com"},{"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.4.15","source":"security@eset.com"},{"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.5.5","source":"security@eset.com"},{"url":"https://github.com/roundcube/roundcubemail/releases/tag/1.6.4","source":"security@eset.com"}]}}} +{ + "identifier": "2023/cve-2023-5631", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "\nRoundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker\n\nto load arbitrary JavaScript code.\n\n\n\n\n\n\n\n" + }, + { + "lang": "es", + "value": "Roundcube anterior a 1.4.15, 1.5.x anterior a 1.5.5 y 1.6.x anterior a 1.6.4 permiten almacenar XSS a través de un mensaje de correo electrónico HTML con un documento SVG manipulado debido al comportamiento de program/lib/Roundcube/rcube_washtml.php. Esto podría permitir que un atacante remoto cargue código JavaScript arbitrario." + } + ], + "id": "CVE-2023-5631", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7, + "source": "security@eset.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T15:15:08.727", + "references": [ + { + "source": "security@eset.com", + "url": "https://github.com/roundcube/roundcubemail/commit/6ee6e7ae301e165e2b2cb703edf75552e5376613" + }, + { + "source": "security@eset.com", + "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.15" + }, + { + "source": "security@eset.com", + "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.5.5" + }, + { + "source": "security@eset.com", + "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.4" + } + ], + "sourceIdentifier": "security@eset.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ], + "source": "security@eset.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5642.json b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5642.json index 83e76c7a..c2a17f2f 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5642.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/full-page/2023/cve-2023-5642.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2023/cve-2023-5642","item":{"cve":{"id":"CVE-2023-5642","sourceIdentifier":"vulnreport@tenable.com","published":"2023-10-18T16:15:08.943","lastModified":"2023-10-18T17:41:28.250","vulnStatus":"Awaiting Analysis","descriptions":[{"lang":"en","value":"Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information."}],"metrics":{"cvssMetricV31":[{"source":"vulnreport@tenable.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"vulnreport@tenable.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://tenable.com/security/research/tra-2023-33","source":"vulnreport@tenable.com"}]}}} +{ + "identifier": "2023/cve-2023-5642", + "item": { + "cve": { + "descriptions": [ + { + "lang": "en", + "value": "Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information." + } + ], + "id": "CVE-2023-5642", + "lastModified": "2023-10-18T17:41:28.250", + "metrics": { + "cvssMetricV31": [ + { + "cvssData": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9, + "source": "vulnreport@tenable.com", + "type": "Secondary" + } + ] + }, + "published": "2023-10-18T16:15:08.943", + "references": [ + { + "source": "vulnreport@tenable.com", + "url": "https://tenable.com/security/research/tra-2023-33" + } + ], + "sourceIdentifier": "vulnreport@tenable.com", + "vulnStatus": "Awaiting Analysis", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ], + "source": "vulnreport@tenable.com", + "type": "Secondary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/nvd/test-fixtures/snapshots/single-entry/2011/cve-2011-0022.json b/tests/unit/providers/nvd/test-fixtures/snapshots/single-entry/2011/cve-2011-0022.json index b9a7b0ef..71a3c8f1 100644 --- a/tests/unit/providers/nvd/test-fixtures/snapshots/single-entry/2011/cve-2011-0022.json +++ b/tests/unit/providers/nvd/test-fixtures/snapshots/single-entry/2011/cve-2011-0022.json @@ -1 +1,222 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json","identifier":"2011/cve-2011-0022","item":{"cve":{"id":"CVE-2011-0022","sourceIdentifier":"secalert@redhat.com","published":"2011-02-23T19:00:01.813","lastModified":"2011-03-31T03:28:54.470","vulnStatus":"Modified","descriptions":[{"lang":"en","value":"The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory."},{"lang":"es","value":"Las secuencias de comandos de configuración en 389 Directory Server v1.2.x (también conocido como Red Hat Directory Server 8.2.x)), cuando varias instancias sin privilegios están configuradas, usa permisos 0777 para el directorio /var/run/dirsrv, que permite a usuarios locales provocar una denegación de servicios (fallo de demonio o terminación de procesos de su elección) mediante la sustitución de los archivos PID contenidos en este directorio."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:N/I:N/A:C","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":4.7},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-399"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"CE2E9C8D-FFEE-424C-BBA6-42BD4309D18A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*","matchCriteriaId":"8F2E9CEF-F30D-4374-A7E2-052102B602A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*","matchCriteriaId":"16A8729B-B00B-4871-B083-6B10A5034721"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*","matchCriteriaId":"6335FA65-9498-40AF-AE2B-034DA2823821"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*","matchCriteriaId":"8CF92ADB-B5B0-43D7-93D8-CBA3AE46EB8D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*","matchCriteriaId":"17F8ED59-E27A-4B9B-8BB8-66FAB2B2DCFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*","matchCriteriaId":"4200CEAB-4E14-48C8-9D6F-F86796475019"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*","matchCriteriaId":"3179916B-F98C-4D10-82AB-59DCCACBE8DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*","matchCriteriaId":"B44B5289-08BB-4D62-B60D-1BD738472B1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*","matchCriteriaId":"02392BBF-AFAB-4739-BAF6-E930692AB28F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*","matchCriteriaId":"BFF70436-E01E-4912-AC31-B600F5E8CB4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*","matchCriteriaId":"360BA51B-B47E-4537-B564-9E628DF4E6EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*","matchCriteriaId":"987F04BC-75DC-4959-AE32-070F11F9EBC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*","matchCriteriaId":"078BCE55-90BB-48DE-92D1-9A152338158C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*","matchCriteriaId":"595F5AEE-E4A9-40E0-AF03-69AF689C4916"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*","matchCriteriaId":"FED47519-F254-4545-8551-FFBD0B4F9FAB"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*","matchCriteriaId":"A06C0421-74B7-4F9D-9F3A-18BF62BDD4D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*","matchCriteriaId":"83F772DF-B8A7-4577-9AC6-3234B8C7FFAA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*","matchCriteriaId":"60624BFB-BB50-47F9-BB6D-BC92B40988BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*","matchCriteriaId":"17C879AE-7435-43F5-94E5-A7ED84E46D0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*","matchCriteriaId":"5809DC7B-AC50-4E03-A8FA-6C2C6B67A400"},{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*","matchCriteriaId":"04FED7B7-7D97-4020-9D5C-A7150B43838C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:8.2:*:*:*:*:*:*:*","matchCriteriaId":"EDC61481-16C5-44EF-AA40-8423A40B2581"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:8.2.3:*:*:*:*:*:*:*","matchCriteriaId":"C92B4226-6D3D-4430-A753-92E828FBBB8C"}]}]}],"references":[{"url":"http://www.redhat.com/support/errata/RHSA-2011-0293.html","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/bid/46489","source":"secalert@redhat.com"},{"url":"http://www.securitytracker.com/id?1025102","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=671199","source":"secalert@redhat.com"}]}}} +{ + "identifier": "2011/cve-2011-0022", + "item": { + "cve": { + "configurations": [ + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "CE2E9C8D-FFEE-424C-BBA6-42BD4309D18A", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*", + "matchCriteriaId": "8F2E9CEF-F30D-4374-A7E2-052102B602A7", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "16A8729B-B00B-4871-B083-6B10A5034721", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*", + "matchCriteriaId": "6335FA65-9498-40AF-AE2B-034DA2823821", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8CF92ADB-B5B0-43D7-93D8-CBA3AE46EB8D", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*", + "matchCriteriaId": "17F8ED59-E27A-4B9B-8BB8-66FAB2B2DCFB", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*", + "matchCriteriaId": "4200CEAB-4E14-48C8-9D6F-F86796475019", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*", + "matchCriteriaId": "3179916B-F98C-4D10-82AB-59DCCACBE8DA", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*", + "matchCriteriaId": "B44B5289-08BB-4D62-B60D-1BD738472B1D", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*", + "matchCriteriaId": "02392BBF-AFAB-4739-BAF6-E930692AB28F", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*", + "matchCriteriaId": "BFF70436-E01E-4912-AC31-B600F5E8CB4F", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*", + "matchCriteriaId": "360BA51B-B47E-4537-B564-9E628DF4E6EA", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*", + "matchCriteriaId": "987F04BC-75DC-4959-AE32-070F11F9EBC2", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*", + "matchCriteriaId": "078BCE55-90BB-48DE-92D1-9A152338158C", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*", + "matchCriteriaId": "595F5AEE-E4A9-40E0-AF03-69AF689C4916", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*", + "matchCriteriaId": "FED47519-F254-4545-8551-FFBD0B4F9FAB", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*", + "matchCriteriaId": "A06C0421-74B7-4F9D-9F3A-18BF62BDD4D9", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*", + "matchCriteriaId": "83F772DF-B8A7-4577-9AC6-3234B8C7FFAA", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*", + "matchCriteriaId": "60624BFB-BB50-47F9-BB6D-BC92B40988BF", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*", + "matchCriteriaId": "17C879AE-7435-43F5-94E5-A7ED84E46D0F", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*", + "matchCriteriaId": "5809DC7B-AC50-4E03-A8FA-6C2C6B67A400", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*", + "matchCriteriaId": "04FED7B7-7D97-4020-9D5C-A7150B43838C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + }, + { + "nodes": [ + { + "cpeMatch": [ + { + "criteria": "cpe:2.3:a:redhat:directory_server:8.2:*:*:*:*:*:*:*", + "matchCriteriaId": "EDC61481-16C5-44EF-AA40-8423A40B2581", + "vulnerable": true + }, + { + "criteria": "cpe:2.3:a:redhat:directory_server:8.2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "C92B4226-6D3D-4430-A753-92E828FBBB8C", + "vulnerable": true + } + ], + "negate": false, + "operator": "OR" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory." + }, + { + "lang": "es", + "value": "Las secuencias de comandos de configuración en 389 Directory Server v1.2.x (también conocido como Red Hat Directory Server 8.2.x)), cuando varias instancias sin privilegios están configuradas, usa permisos 0777 para el directorio /var/run/dirsrv, que permite a usuarios locales provocar una denegación de servicios (fallo de demonio o terminación de procesos de su elección) mediante la sustitución de los archivos PID contenidos en este directorio." + } + ], + "id": "CVE-2011-0022", + "lastModified": "2011-03-31T03:28:54.470", + "metrics": { + "cvssMetricV2": [ + { + "acInsufInfo": false, + "baseSeverity": "MEDIUM", + "cvssData": { + "accessComplexity": "MEDIUM", + "accessVector": "LOCAL", + "authentication": "NONE", + "availabilityImpact": "COMPLETE", + "baseScore": 4.7, + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", + "version": "2.0" + }, + "exploitabilityScore": 3.4, + "impactScore": 6.9, + "obtainAllPrivilege": false, + "obtainOtherPrivilege": false, + "obtainUserPrivilege": false, + "source": "nvd@nist.gov", + "type": "Primary", + "userInteractionRequired": false + } + ] + }, + "published": "2011-02-23T19:00:01.813", + "references": [ + { + "source": "secalert@redhat.com", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0293.html" + }, + { + "source": "secalert@redhat.com", + "url": "http://www.securityfocus.com/bid/46489" + }, + { + "source": "secalert@redhat.com", + "url": "http://www.securitytracker.com/id?1025102" + }, + { + "source": "secalert@redhat.com", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=671199" + } + ], + "sourceIdentifier": "secalert@redhat.com", + "vulnStatus": "Modified", + "weaknesses": [ + { + "description": [ + { + "lang": "en", + "value": "CWE-399" + } + ], + "source": "nvd@nist.gov", + "type": "Primary" + } + ] + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/nvd/schema-1.0.0.json" +} diff --git a/tests/unit/providers/oracle/test-fixtures/snapshots/ol:5/elsa-2007-0057.json b/tests/unit/providers/oracle/test-fixtures/snapshots/ol:5/elsa-2007-0057.json index 2cd5b4cc..1f08d29d 100644 --- a/tests/unit/providers/oracle/test-fixtures/snapshots/ol:5/elsa-2007-0057.json +++ b/tests/unit/providers/oracle/test-fixtures/snapshots/ol:5/elsa-2007-0057.json @@ -1 +1,86 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ol:5/elsa-2007-0057","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"ol:5","FixedIn":[{"Name":"bind","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"},{"Name":"bind-chroot","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"},{"Name":"bind-devel","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"},{"Name":"bind-libbind-devel","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"},{"Name":"bind-libs","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"},{"Name":"bind-sdb","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"},{"Name":"bind-utils","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"},{"Name":"caching-nameserver","Version":"30:9.3.3-8.el5","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:5"}],"Link":"http://linux.oracle.com/errata/ELSA-2007-0057.html","Description":"[30:9.3.3-8]\n - added fix for #224445 - CVE-2007-0493 BIND might crash after\n attempting to read free()-ed memory\n - added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service\n - Resolves: rhbz#224445\n - Resolves: rhbz#225229","Metadata":{"Issued":"2007-06-26","RefId":"ELSA-2007-0057","CVE":[{"Name":"CVE-2007-0493","Link":"http://linux.oracle.com/cve/CVE-2007-0493.html"},{"Name":"CVE-2007-0494","Link":"http://linux.oracle.com/cve/CVE-2007-0494.html"}]},"Name":"ELSA-2007-0057","CVSS":[]}}} +{ + "identifier": "ol:5/elsa-2007-0057", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "[30:9.3.3-8]\n - added fix for #224445 - CVE-2007-0493 BIND might crash after\n attempting to read free()-ed memory\n - added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service\n - Resolves: rhbz#224445\n - Resolves: rhbz#225229", + "FixedIn": [ + { + "Module": null, + "Name": "bind", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "bind-chroot", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "bind-devel", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "bind-libbind-devel", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "bind-libs", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "bind-sdb", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "bind-utils", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "caching-nameserver", + "NamespaceName": "ol:5", + "Version": "30:9.3.3-8.el5", + "VersionFormat": "rpm" + } + ], + "Link": "http://linux.oracle.com/errata/ELSA-2007-0057.html", + "Metadata": { + "CVE": [ + { + "Link": "http://linux.oracle.com/cve/CVE-2007-0493.html", + "Name": "CVE-2007-0493" + }, + { + "Link": "http://linux.oracle.com/cve/CVE-2007-0494.html", + "Name": "CVE-2007-0494" + } + ], + "Issued": "2007-06-26", + "RefId": "ELSA-2007-0057" + }, + "Name": "ELSA-2007-0057", + "NamespaceName": "ol:5", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/oracle/test-fixtures/snapshots/ol:6/elsa-2018-4250.json b/tests/unit/providers/oracle/test-fixtures/snapshots/ol:6/elsa-2018-4250.json index 1ddbabbb..438311fa 100644 --- a/tests/unit/providers/oracle/test-fixtures/snapshots/ol:6/elsa-2018-4250.json +++ b/tests/unit/providers/oracle/test-fixtures/snapshots/ol:6/elsa-2018-4250.json @@ -1 +1,80 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ol:6/elsa-2018-4250","item":{"Vulnerability":{"Severity":"High","NamespaceName":"ol:6","FixedIn":[{"Name":"kernel-uek","Version":"0:2.6.39-400.302.2.el6uek","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:6"},{"Name":"kernel-uek-debug","Version":"0:2.6.39-400.302.2.el6uek","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:6"},{"Name":"kernel-uek-debug-devel","Version":"0:2.6.39-400.302.2.el6uek","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:6"},{"Name":"kernel-uek-devel","Version":"0:2.6.39-400.302.2.el6uek","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:6"},{"Name":"kernel-uek-doc","Version":"0:2.6.39-400.302.2.el6uek","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:6"},{"Name":"kernel-uek-firmware","Version":"0:2.6.39-400.302.2.el6uek","Module":null,"VersionFormat":"rpm","NamespaceName":"ol:6"}],"Link":"http://linux.oracle.com/errata/ELSA-2018-4250.html","Description":"[2.6.39-400.302.2]\n- Revert 'Fix up non-directory creation in SGID directories' (Brian Maly) [Orabug: 28781234]\n\n[2.6.39-400.302.1]\n- Fix up non-directory creation in SGID directories (Linus Torvalds) [Orabug: 28459479] {CVE-2018-13405}\n- ALSA: seq: Make ioctls race-free (Takashi Iwai) [Orabug: 28459730] {CVE-2018-7566}\n- rds: CVE-2018-7492: Fix NULL pointer dereference in __rds_rdma_map (Hakon Bugge) [Orabug: 28539910] {CVE-2018-7492}\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott Bauer) [Orabug: 28664549] {CVE-2018-16658}\n- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (Seunghun Han) [Orabug: 28664580] {CVE-2017-13695}\n- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug: 28710024] {CVE-2018-14634}","Metadata":{"Issued":"2018-10-12","RefId":"ELSA-2018-4250","CVE":[{"Name":"CVE-2018-7566","Link":"http://linux.oracle.com/cve/CVE-2018-7566.html"},{"Name":"CVE-2017-13695","Link":"http://linux.oracle.com/cve/CVE-2017-13695.html"},{"Name":"CVE-2018-16658","Link":"http://linux.oracle.com/cve/CVE-2018-16658.html"},{"Name":"CVE-2018-7492","Link":"http://linux.oracle.com/cve/CVE-2018-7492.html"}]},"Name":"ELSA-2018-4250","CVSS":[]}}} +{ + "identifier": "ol:6/elsa-2018-4250", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "[2.6.39-400.302.2]\n- Revert 'Fix up non-directory creation in SGID directories' (Brian Maly) [Orabug: 28781234]\n\n[2.6.39-400.302.1]\n- Fix up non-directory creation in SGID directories (Linus Torvalds) [Orabug: 28459479] {CVE-2018-13405}\n- ALSA: seq: Make ioctls race-free (Takashi Iwai) [Orabug: 28459730] {CVE-2018-7566}\n- rds: CVE-2018-7492: Fix NULL pointer dereference in __rds_rdma_map (Hakon Bugge) [Orabug: 28539910] {CVE-2018-7492}\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott Bauer) [Orabug: 28664549] {CVE-2018-16658}\n- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (Seunghun Han) [Orabug: 28664580] {CVE-2017-13695}\n- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug: 28710024] {CVE-2018-14634}", + "FixedIn": [ + { + "Module": null, + "Name": "kernel-uek", + "NamespaceName": "ol:6", + "Version": "0:2.6.39-400.302.2.el6uek", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "kernel-uek-debug", + "NamespaceName": "ol:6", + "Version": "0:2.6.39-400.302.2.el6uek", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "kernel-uek-debug-devel", + "NamespaceName": "ol:6", + "Version": "0:2.6.39-400.302.2.el6uek", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "kernel-uek-devel", + "NamespaceName": "ol:6", + "Version": "0:2.6.39-400.302.2.el6uek", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "kernel-uek-doc", + "NamespaceName": "ol:6", + "Version": "0:2.6.39-400.302.2.el6uek", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "kernel-uek-firmware", + "NamespaceName": "ol:6", + "Version": "0:2.6.39-400.302.2.el6uek", + "VersionFormat": "rpm" + } + ], + "Link": "http://linux.oracle.com/errata/ELSA-2018-4250.html", + "Metadata": { + "CVE": [ + { + "Link": "http://linux.oracle.com/cve/CVE-2018-7566.html", + "Name": "CVE-2018-7566" + }, + { + "Link": "http://linux.oracle.com/cve/CVE-2017-13695.html", + "Name": "CVE-2017-13695" + }, + { + "Link": "http://linux.oracle.com/cve/CVE-2018-16658.html", + "Name": "CVE-2018-16658" + }, + { + "Link": "http://linux.oracle.com/cve/CVE-2018-7492.html", + "Name": "CVE-2018-7492" + } + ], + "Issued": "2018-10-12", + "RefId": "ELSA-2018-4250" + }, + "Name": "ELSA-2018-4250", + "NamespaceName": "ol:6", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3509.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3509.json index a7322a73..9bcf1052 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3509.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3509.json @@ -1 +1,59 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:5/cve-2017-3509","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:5","FixedIn":[{"Name":"java-1.6.0-sun","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-openjdk","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-oracle","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3509","Description":"It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user.","Metadata":{},"Name":"CVE-2017-3509","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","base_metrics":{"base_score":4.2,"exploitability_score":1.6,"impact_score":2.5,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:5/cve-2017-3509", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 4.2, + "base_severity": "Medium", + "exploitability_score": 1.6, + "impact_score": 2.5 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.0" + } + ], + "Description": "It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.6.0-sun", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-oracle", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3509", + "Metadata": {}, + "Name": "CVE-2017-3509", + "NamespaceName": "rhel:5", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3511.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3511.json index 88219902..211f126c 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3511.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3511.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:5/cve-2017-3511","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:5","FixedIn":[{"Name":"java-1.7.0-openjdk","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-oracle","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3511","Description":"An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges.","Metadata":{},"Name":"CVE-2017-3511","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.0,"exploitability_score":1.0,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:5/cve-2017-3511", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.0, + "base_severity": "High", + "exploitability_score": 1.0, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + ], + "Description": "An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-oracle", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3511", + "Metadata": {}, + "Name": "CVE-2017-3511", + "NamespaceName": "rhel:5", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3526.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3526.json index 9f8173da..e683461d 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3526.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3526.json @@ -1 +1,59 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:5/cve-2017-3526","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:5","FixedIn":[{"Name":"java-1.6.0-sun","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-openjdk","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-oracle","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3526","Description":"It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory.","Metadata":{},"Name":"CVE-2017-3526","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.9,"exploitability_score":2.2,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:5/cve-2017-3526", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.9, + "base_severity": "Medium", + "exploitability_score": 2.2, + "impact_score": 3.6 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + ], + "Description": "It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.6.0-sun", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-oracle", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3526", + "Metadata": {}, + "Name": "CVE-2017-3526", + "NamespaceName": "rhel:5", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3533.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3533.json index 1fe2fa28..addcf663 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3533.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3533.json @@ -1 +1,59 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:5/cve-2017-3533","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:5","FixedIn":[{"Name":"java-1.6.0-sun","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-openjdk","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-oracle","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3533","Description":"A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application.","Metadata":{},"Name":"CVE-2017-3533","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.7,"exploitability_score":2.2,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:5/cve-2017-3533", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.7, + "base_severity": "Low", + "exploitability_score": 2.2, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.6.0-sun", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-oracle", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3533", + "Metadata": {}, + "Name": "CVE-2017-3533", + "NamespaceName": "rhel:5", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3539.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3539.json index 18a3c011..6118efad 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3539.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3539.json @@ -1 +1,59 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:5/cve-2017-3539","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:5","FixedIn":[{"Name":"java-1.6.0-sun","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-openjdk","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-oracle","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3539","Description":"It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.","Metadata":{},"Name":"CVE-2017-3539","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.1,"exploitability_score":1.6,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:5/cve-2017-3539", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.1, + "base_severity": "Low", + "exploitability_score": 1.6, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.6.0-sun", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-oracle", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3539", + "Metadata": {}, + "Name": "CVE-2017-3539", + "NamespaceName": "rhel:5", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3544.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3544.json index 9f0df203..6ce1bdb3 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3544.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:5/cve-2017-3544.json @@ -1 +1,59 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:5/cve-2017-3544","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:5","FixedIn":[{"Name":"java-1.6.0-sun","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-openjdk","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}},{"Name":"java-1.7.0-oracle","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:5","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3544","Description":"A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application.","Metadata":{},"Name":"CVE-2017-3544","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.7,"exploitability_score":2.2,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:5/cve-2017-3544", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.7, + "base_severity": "Low", + "exploitability_score": 2.2, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.6.0-sun", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-oracle", + "NamespaceName": "rhel:5", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3544", + "Metadata": {}, + "Name": "CVE-2017-3544", + "NamespaceName": "rhel:5", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3509.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3509.json index afeb896e..33965b28 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3509.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3509.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2017-3509","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-0.b11.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1109","Link":"https://access.redhat.com/errata/RHSA-2017:1109"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3509","Description":"It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user.","Metadata":{},"Name":"CVE-2017-3509","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","base_metrics":{"base_score":4.2,"exploitability_score":1.6,"impact_score":2.5,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:6/cve-2017-3509", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 4.2, + "base_severity": "Medium", + "exploitability_score": 1.6, + "impact_score": 2.5 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.0" + } + ], + "Description": "It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1109", + "Link": "https://access.redhat.com/errata/RHSA-2017:1109" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-0.b11.el6_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el6_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3509", + "Metadata": {}, + "Name": "CVE-2017-3509", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3511.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3511.json index dd13c54a..72b29f4b 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3511.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3511.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2017-3511","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-0.b11.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1109","Link":"https://access.redhat.com/errata/RHSA-2017:1109"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3511","Description":"An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges.","Metadata":{},"Name":"CVE-2017-3511","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.0,"exploitability_score":1.0,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2017-3511", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.0, + "base_severity": "High", + "exploitability_score": 1.0, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + ], + "Description": "An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1109", + "Link": "https://access.redhat.com/errata/RHSA-2017:1109" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-0.b11.el6_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el6_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3511", + "Metadata": {}, + "Name": "CVE-2017-3511", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3526.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3526.json index f525a6a8..19f64ba1 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3526.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3526.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2017-3526","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-0.b11.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1109","Link":"https://access.redhat.com/errata/RHSA-2017:1109"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3526","Description":"It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory.","Metadata":{},"Name":"CVE-2017-3526","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.9,"exploitability_score":2.2,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:6/cve-2017-3526", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.9, + "base_severity": "Medium", + "exploitability_score": 2.2, + "impact_score": 3.6 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + ], + "Description": "It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1109", + "Link": "https://access.redhat.com/errata/RHSA-2017:1109" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-0.b11.el6_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el6_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3526", + "Metadata": {}, + "Name": "CVE-2017-3526", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3533.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3533.json index c482f7d2..509e6b0d 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3533.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3533.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2017-3533","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:6","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-0.b11.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1109","Link":"https://access.redhat.com/errata/RHSA-2017:1109"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3533","Description":"A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application.","Metadata":{},"Name":"CVE-2017-3533","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.7,"exploitability_score":2.2,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:6/cve-2017-3533", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.7, + "base_severity": "Low", + "exploitability_score": 2.2, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1109", + "Link": "https://access.redhat.com/errata/RHSA-2017:1109" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-0.b11.el6_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el6_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3533", + "Metadata": {}, + "Name": "CVE-2017-3533", + "NamespaceName": "rhel:6", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3539.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3539.json index 22e064c1..bf3746e5 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3539.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3539.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2017-3539","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-0.b11.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1109","Link":"https://access.redhat.com/errata/RHSA-2017:1109"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3539","Description":"It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.","Metadata":{},"Name":"CVE-2017-3539","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.1,"exploitability_score":1.6,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:6/cve-2017-3539", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.1, + "base_severity": "Low", + "exploitability_score": 1.6, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1109", + "Link": "https://access.redhat.com/errata/RHSA-2017:1109" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-0.b11.el6_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el6_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3539", + "Metadata": {}, + "Name": "CVE-2017-3539", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3544.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3544.json index 6b878fb7..d6c0341f 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3544.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2017-3544.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2017-3544","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:6","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-0.b11.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1109","Link":"https://access.redhat.com/errata/RHSA-2017:1109"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el6_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3544","Description":"A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application.","Metadata":{},"Name":"CVE-2017-3544","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.7,"exploitability_score":2.2,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:6/cve-2017-3544", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.7, + "base_severity": "Low", + "exploitability_score": 2.2, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1109", + "Link": "https://access.redhat.com/errata/RHSA-2017:1109" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-0.b11.el6_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el6_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3544", + "Metadata": {}, + "Name": "CVE-2017-3544", + "NamespaceName": "rhel:6", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16587.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16587.json index 14d1d3e4..6cea747f 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16587.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16587.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2020-16587","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:6","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2020-16587","Description":"A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.","Metadata":{},"Name":"CVE-2020-16587","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.5,"exploitability_score":1.8,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:6/cve-2020-16587", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.5, + "base_severity": "Medium", + "exploitability_score": 1.8, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2020-16587", + "Metadata": {}, + "Name": "CVE-2020-16587", + "NamespaceName": "rhel:6", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16588.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16588.json index 7196a85e..171e1cd7 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16588.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2020-16588.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2020-16588","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:6","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2020-16588","Description":"A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.","Metadata":{},"Name":"CVE-2020-16588","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.5,"exploitability_score":1.8,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:6/cve-2020-16588", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.5, + "base_severity": "Medium", + "exploitability_score": 1.8, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2020-16588", + "Metadata": {}, + "Name": "CVE-2020-16588", + "NamespaceName": "rhel:6", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20298.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20298.json index 69470991..40118958 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20298.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20298.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2021-20298","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:6","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2021-20298","Description":"A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.","Metadata":{},"Name":"CVE-2021-20298","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":7.5,"exploitability_score":3.9,"impact_score":3.6,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2021-20298", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.5, + "base_severity": "High", + "exploitability_score": 3.9, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2021-20298", + "Metadata": {}, + "Name": "CVE-2021-20298", + "NamespaceName": "rhel:6", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20299.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20299.json index 16c68e6c..34ab0c10 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20299.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2021-20299.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2021-20299","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:6","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2021-20299","Description":"A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.","Metadata":{},"Name":"CVE-2021-20299","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":7.5,"exploitability_score":3.9,"impact_score":3.6,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2021-20299", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.5, + "base_severity": "High", + "exploitability_score": 3.9, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2021-20299", + "Metadata": {}, + "Name": "CVE-2021-20299", + "NamespaceName": "rhel:6", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1921.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1921.json index 82339b24..85c599f5 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1921.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1921.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2022-1921","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1921","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1921","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2022-1921", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1921", + "Metadata": {}, + "Name": "CVE-2022-1921", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1922.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1922.json index e28ce0b1..f67e917a 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1922.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1922.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2022-1922","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1922","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1922","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2022-1922", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1922", + "Metadata": {}, + "Name": "CVE-2022-1922", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1923.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1923.json index 2e805fdf..a36d26b4 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1923.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1923.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2022-1923","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1923","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1923","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2022-1923", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1923", + "Metadata": {}, + "Name": "CVE-2022-1923", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1924.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1924.json index 72417a2f..79591689 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1924.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1924.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2022-1924","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1924","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1924","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2022-1924", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1924", + "Metadata": {}, + "Name": "CVE-2022-1924", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1925.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1925.json index e1af26f8..16879727 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1925.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2022-1925.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2022-1925","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:6","FixedIn":[{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1925","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1925","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2022-1925", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1925", + "Metadata": {}, + "Name": "CVE-2022-1925", + "NamespaceName": "rhel:6", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-4863.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-4863.json index d7e60941..192a39dd 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-4863.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-4863.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2023-4863","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:6","FixedIn":[{"Name":"firefox","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-4863","Description":"A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.","Metadata":{},"Name":"CVE-2023-4863","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","base_metrics":{"base_score":9.6,"exploitability_score":2.8,"impact_score":6.0,"base_severity":"Critical"}}]}}} +{ + "identifier": "rhel:6/cve-2023-4863", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 9.6, + "base_severity": "Critical", + "exploitability_score": 2.8, + "impact_score": 6.0 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-4863", + "Metadata": {}, + "Name": "CVE-2023-4863", + "NamespaceName": "rhel:6", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5129.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5129.json index 086a521b..4b6c7922 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5129.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5129.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2023-5129","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"rhel:6","FixedIn":[{"Name":"firefox","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5129","Description":"This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.","Metadata":{},"Name":"CVE-2023-5129","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N","base_metrics":{"base_score":0.0,"exploitability_score":2.8,"impact_score":-0.2,"base_severity":"None"}}]}}} +{ + "identifier": "rhel:6/cve-2023-5129", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 0.0, + "base_severity": "None", + "exploitability_score": 2.8, + "impact_score": -0.2 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N", + "version": "3.1" + } + ], + "Description": "This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.", + "FixedIn": [ + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5129", + "Metadata": {}, + "Name": "CVE-2023-5129", + "NamespaceName": "rhel:6", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5217.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5217.json index 1e826db2..8b2e0b0d 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5217.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:6/cve-2023-5217.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:6/cve-2023-5217","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:6","FixedIn":[{"Name":"libvpx","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:6","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5217","Description":"A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.","Metadata":{},"Name":"CVE-2023-5217","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":8.8,"exploitability_score":2.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:6/cve-2023-5217", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 8.8, + "base_severity": "High", + "exploitability_score": 2.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "libvpx", + "NamespaceName": "rhel:6", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5217", + "Metadata": {}, + "Name": "CVE-2023-5217", + "NamespaceName": "rhel:6", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3509.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3509.json index a30b025f..01959b46 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3509.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3509.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2017-3509","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-2.b11.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1108","Link":"https://access.redhat.com/errata/RHSA-2017:1108"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3509","Description":"It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user.","Metadata":{},"Name":"CVE-2017-3509","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","base_metrics":{"base_score":4.2,"exploitability_score":1.6,"impact_score":2.5,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:7/cve-2017-3509", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 4.2, + "base_severity": "Medium", + "exploitability_score": 1.6, + "impact_score": 2.5 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.0" + } + ], + "Description": "It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1108", + "Link": "https://access.redhat.com/errata/RHSA-2017:1108" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-2.b11.el7_3", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el7_3", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3509", + "Metadata": {}, + "Name": "CVE-2017-3509", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3511.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3511.json index c5bc0642..b8b270e9 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3511.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3511.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2017-3511","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-2.b11.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1108","Link":"https://access.redhat.com/errata/RHSA-2017:1108"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3511","Description":"An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges.","Metadata":{},"Name":"CVE-2017-3511","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.0,"exploitability_score":1.0,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2017-3511", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.0, + "base_severity": "High", + "exploitability_score": 1.0, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + ], + "Description": "An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1108", + "Link": "https://access.redhat.com/errata/RHSA-2017:1108" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-2.b11.el7_3", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el7_3", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3511", + "Metadata": {}, + "Name": "CVE-2017-3511", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3526.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3526.json index 8184a6f6..4aad6ac9 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3526.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3526.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2017-3526","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-2.b11.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1108","Link":"https://access.redhat.com/errata/RHSA-2017:1108"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3526","Description":"It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory.","Metadata":{},"Name":"CVE-2017-3526","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.9,"exploitability_score":2.2,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:7/cve-2017-3526", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.9, + "base_severity": "Medium", + "exploitability_score": 2.2, + "impact_score": 3.6 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + ], + "Description": "It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1108", + "Link": "https://access.redhat.com/errata/RHSA-2017:1108" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-2.b11.el7_3", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el7_3", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3526", + "Metadata": {}, + "Name": "CVE-2017-3526", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3533.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3533.json index 6d72e66a..5dbf35b9 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3533.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3533.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2017-3533","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:7","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-2.b11.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1108","Link":"https://access.redhat.com/errata/RHSA-2017:1108"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3533","Description":"A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application.","Metadata":{},"Name":"CVE-2017-3533","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.7,"exploitability_score":2.2,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:7/cve-2017-3533", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.7, + "base_severity": "Low", + "exploitability_score": 2.2, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1108", + "Link": "https://access.redhat.com/errata/RHSA-2017:1108" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-2.b11.el7_3", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el7_3", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3533", + "Metadata": {}, + "Name": "CVE-2017-3533", + "NamespaceName": "rhel:7", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3539.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3539.json index ec1bfd9b..a9dbdde8 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3539.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3539.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2017-3539","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-2.b11.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1108","Link":"https://access.redhat.com/errata/RHSA-2017:1108"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3539","Description":"It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.","Metadata":{},"Name":"CVE-2017-3539","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.1,"exploitability_score":1.6,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:7/cve-2017-3539", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.1, + "base_severity": "Low", + "exploitability_score": 1.6, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1108", + "Link": "https://access.redhat.com/errata/RHSA-2017:1108" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-2.b11.el7_3", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el7_3", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3539", + "Metadata": {}, + "Name": "CVE-2017-3539", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3544.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3544.json index 506e9405..3c116075 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3544.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2017-3544.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2017-3544","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:7","FixedIn":[{"Name":"java-1.8.0-openjdk","Version":"1:1.8.0.131-2.b11.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1108","Link":"https://access.redhat.com/errata/RHSA-2017:1108"}]}},{"Name":"java-1.7.0-openjdk","Version":"1:1.7.0.141-2.6.10.1.el7_3","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2017:1204","Link":"https://access.redhat.com/errata/RHSA-2017:1204"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2017-3544","Description":"A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application.","Metadata":{},"Name":"CVE-2017-3544","CVSS":[{"version":"3.0","status":"verified","vector_string":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","base_metrics":{"base_score":3.7,"exploitability_score":2.2,"impact_score":1.4,"base_severity":"Low"}}]}}} +{ + "identifier": "rhel:7/cve-2017-3544", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 3.7, + "base_severity": "Low", + "exploitability_score": 2.2, + "impact_score": 1.4 + }, + "status": "verified", + "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.0" + } + ], + "Description": "A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application.", + "FixedIn": [ + { + "Module": null, + "Name": "java-1.8.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1108", + "Link": "https://access.redhat.com/errata/RHSA-2017:1108" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.8.0.131-2.b11.el7_3", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "java-1.7.0-openjdk", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2017:1204", + "Link": "https://access.redhat.com/errata/RHSA-2017:1204" + } + ], + "NoAdvisory": false + }, + "Version": "1:1.7.0.141-2.6.10.1.el7_3", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2017-3544", + "Metadata": {}, + "Name": "CVE-2017-3544", + "NamespaceName": "rhel:7", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16587.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16587.json index b127c1d7..a9fcc02d 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16587.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16587.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2020-16587","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:7","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2020-16587","Description":"A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.","Metadata":{},"Name":"CVE-2020-16587","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.5,"exploitability_score":1.8,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:7/cve-2020-16587", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.5, + "base_severity": "Medium", + "exploitability_score": 1.8, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2020-16587", + "Metadata": {}, + "Name": "CVE-2020-16587", + "NamespaceName": "rhel:7", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16588.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16588.json index f5e16c2d..a694fdc5 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16588.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2020-16588.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2020-16588","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:7","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2020-16588","Description":"A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.","Metadata":{},"Name":"CVE-2020-16588","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.5,"exploitability_score":1.8,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:7/cve-2020-16588", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.5, + "base_severity": "Medium", + "exploitability_score": 1.8, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2020-16588", + "Metadata": {}, + "Name": "CVE-2020-16588", + "NamespaceName": "rhel:7", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20298.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20298.json index 5e7038e8..59b48c1d 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20298.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20298.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2021-20298","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:7","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2021-20298","Description":"A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.","Metadata":{},"Name":"CVE-2021-20298","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":7.5,"exploitability_score":3.9,"impact_score":3.6,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2021-20298", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.5, + "base_severity": "High", + "exploitability_score": 3.9, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2021-20298", + "Metadata": {}, + "Name": "CVE-2021-20298", + "NamespaceName": "rhel:7", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20299.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20299.json index 5e0d165d..b154e9e1 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20299.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2021-20299.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2021-20299","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:7","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2021-20299","Description":"A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.","Metadata":{},"Name":"CVE-2021-20299","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":7.5,"exploitability_score":3.9,"impact_score":3.6,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2021-20299", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.5, + "base_severity": "High", + "exploitability_score": 3.9, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2021-20299", + "Metadata": {}, + "Name": "CVE-2021-20299", + "NamespaceName": "rhel:7", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1921.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1921.json index 52873d7c..50079b9d 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1921.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1921.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2022-1921","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}},{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1921","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1921","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2022-1921", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1921", + "Metadata": {}, + "Name": "CVE-2022-1921", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1922.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1922.json index 20fc85b6..6f0a26ba 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1922.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1922.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2022-1922","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}},{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1922","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1922","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2022-1922", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1922", + "Metadata": {}, + "Name": "CVE-2022-1922", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1923.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1923.json index 8874af33..c7ca37e9 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1923.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1923.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2022-1923","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}},{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1923","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1923","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2022-1923", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1923", + "Metadata": {}, + "Name": "CVE-2022-1923", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1924.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1924.json index a00b17fa..197b1be1 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1924.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1924.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2022-1924","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}},{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1924","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1924","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2022-1924", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1924", + "Metadata": {}, + "Name": "CVE-2022-1924", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1925.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1925.json index 6923ad4e..91dc2333 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1925.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2022-1925.json @@ -1 +1,49 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2022-1925","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:7","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}},{"Name":"gstreamer-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1925","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1925","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2022-1925", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "gstreamer-plugins-good", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1925", + "Metadata": {}, + "Name": "CVE-2022-1925", + "NamespaceName": "rhel:7", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-4863.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-4863.json index 802e39ac..cfc03243 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-4863.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-4863.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2023-4863","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:7","FixedIn":[{"Name":"thunderbird","Version":"0:102.15.1-1.el7_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5191","Link":"https://access.redhat.com/errata/RHSA-2023:5191"}]}},{"Name":"firefox","Version":"0:102.15.1-1.el7_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5197","Link":"https://access.redhat.com/errata/RHSA-2023:5197"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-4863","Description":"A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.","Metadata":{},"Name":"CVE-2023-4863","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","base_metrics":{"base_score":9.6,"exploitability_score":2.8,"impact_score":6.0,"base_severity":"Critical"}}]}}} +{ + "identifier": "rhel:7/cve-2023-4863", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 9.6, + "base_severity": "Critical", + "exploitability_score": 2.8, + "impact_score": 6.0 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5191", + "Link": "https://access.redhat.com/errata/RHSA-2023:5191" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el7_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5197", + "Link": "https://access.redhat.com/errata/RHSA-2023:5197" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el7_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-4863", + "Metadata": {}, + "Name": "CVE-2023-4863", + "NamespaceName": "rhel:7", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5129.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5129.json index 781db5fc..e58ba508 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5129.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5129.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2023-5129","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"rhel:7","FixedIn":[{"Name":"thunderbird","Version":"0:102.15.1-1.el7_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5191","Link":"https://access.redhat.com/errata/RHSA-2023:5191"}]}},{"Name":"firefox","Version":"0:102.15.1-1.el7_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5197","Link":"https://access.redhat.com/errata/RHSA-2023:5197"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5129","Description":"This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.","Metadata":{},"Name":"CVE-2023-5129","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N","base_metrics":{"base_score":0.0,"exploitability_score":2.8,"impact_score":-0.2,"base_severity":"None"}}]}}} +{ + "identifier": "rhel:7/cve-2023-5129", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 0.0, + "base_severity": "None", + "exploitability_score": 2.8, + "impact_score": -0.2 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N", + "version": "3.1" + } + ], + "Description": "This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.", + "FixedIn": [ + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5191", + "Link": "https://access.redhat.com/errata/RHSA-2023:5191" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el7_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5197", + "Link": "https://access.redhat.com/errata/RHSA-2023:5197" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el7_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5129", + "Metadata": {}, + "Name": "CVE-2023-5129", + "NamespaceName": "rhel:7", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5217.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5217.json index 40454f61..f5cb9d13 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5217.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:7/cve-2023-5217.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:7/cve-2023-5217","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:7","FixedIn":[{"Name":"thunderbird","Version":"0:115.3.1-1.el7_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5475","Link":"https://access.redhat.com/errata/RHSA-2023:5475"}]}},{"Name":"firefox","Version":"0:115.3.1-1.el7_9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:7","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5477","Link":"https://access.redhat.com/errata/RHSA-2023:5477"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5217","Description":"A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.","Metadata":{},"Name":"CVE-2023-5217","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":8.8,"exploitability_score":2.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:7/cve-2023-5217", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 8.8, + "base_severity": "High", + "exploitability_score": 2.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5475", + "Link": "https://access.redhat.com/errata/RHSA-2023:5475" + } + ], + "NoAdvisory": false + }, + "Version": "0:115.3.1-1.el7_9", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:7", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5477", + "Link": "https://access.redhat.com/errata/RHSA-2023:5477" + } + ], + "NoAdvisory": false + }, + "Version": "0:115.3.1-1.el7_9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5217", + "Metadata": {}, + "Name": "CVE-2023-5217", + "NamespaceName": "rhel:7", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2019-25059.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2019-25059.json index a1da6003..882e9c03 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2019-25059.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2019-25059.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2019-25059","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:8","FixedIn":[{"Name":"ghostscript","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2019-25059","Description":"Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.","Metadata":{},"Name":"CVE-2019-25059","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2019-25059", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.", + "FixedIn": [ + { + "Module": null, + "Name": "ghostscript", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2019-25059", + "Metadata": {}, + "Name": "CVE-2019-25059", + "NamespaceName": "rhel:8", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2020-16587.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2020-16587.json index 1005bb8a..a8edfd22 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2020-16587.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2020-16587.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2020-16587","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:8","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2020-16587","Description":"A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.","Metadata":{},"Name":"CVE-2020-16587","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","base_metrics":{"base_score":5.5,"exploitability_score":1.8,"impact_score":3.6,"base_severity":"Medium"}}]}}} +{ + "identifier": "rhel:8/cve-2020-16587", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 5.5, + "base_severity": "Medium", + "exploitability_score": 1.8, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2020-16587", + "Metadata": {}, + "Name": "CVE-2020-16587", + "NamespaceName": "rhel:8", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20298.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20298.json index 47a19866..352a80c8 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20298.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20298.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2021-20298","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:8","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2021-20298","Description":"A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.","Metadata":{},"Name":"CVE-2021-20298","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":7.5,"exploitability_score":3.9,"impact_score":3.6,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2021-20298", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.5, + "base_severity": "High", + "exploitability_score": 3.9, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2021-20298", + "Metadata": {}, + "Name": "CVE-2021-20298", + "NamespaceName": "rhel:8", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20299.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20299.json index 248a4ae1..2fc55a66 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20299.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2021-20299.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2021-20299","item":{"Vulnerability":{"Severity":"Low","NamespaceName":"rhel:8","FixedIn":[{"Name":"OpenEXR","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2021-20299","Description":"A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.","Metadata":{},"Name":"CVE-2021-20299","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":7.5,"exploitability_score":3.9,"impact_score":3.6,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2021-20299", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.5, + "base_severity": "High", + "exploitability_score": 3.9, + "impact_score": 3.6 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.", + "FixedIn": [ + { + "Module": null, + "Name": "OpenEXR", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2021-20299", + "Metadata": {}, + "Name": "CVE-2021-20299", + "NamespaceName": "rhel:8", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1921.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1921.json index d1e17531..959c799f 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1921.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1921.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2022-1921","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:8","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1921","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1921","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2022-1921", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1921", + "Metadata": {}, + "Name": "CVE-2022-1921", + "NamespaceName": "rhel:8", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1922.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1922.json index 5ff7c13c..f7f9031f 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1922.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1922.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2022-1922","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:8","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1922","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1922","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2022-1922", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1922", + "Metadata": {}, + "Name": "CVE-2022-1922", + "NamespaceName": "rhel:8", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1923.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1923.json index 91c1bc5c..7baf2610 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1923.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1923.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2022-1923","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:8","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1923","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1923","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2022-1923", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1923", + "Metadata": {}, + "Name": "CVE-2022-1923", + "NamespaceName": "rhel:8", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1924.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1924.json index 30270f97..68099497 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1924.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1924.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2022-1924","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:8","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1924","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1924","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2022-1924", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1924", + "Metadata": {}, + "Name": "CVE-2022-1924", + "NamespaceName": "rhel:8", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1925.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1925.json index 26c73d0a..32508407 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1925.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2022-1925.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2022-1925","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:8","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1925","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1925","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2022-1925", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1925", + "Metadata": {}, + "Name": "CVE-2022-1925", + "NamespaceName": "rhel:8", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-4863.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-4863.json index 679743c3..b0032f3d 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-4863.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-4863.json @@ -1 +1,77 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2023-4863","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:8","FixedIn":[{"Name":"firefox","Version":"0:102.15.1-1.el8_8","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5184","Link":"https://access.redhat.com/errata/RHSA-2023:5184"}]}},{"Name":"thunderbird","Version":"0:102.15.1-1.el8_8","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5201","Link":"https://access.redhat.com/errata/RHSA-2023:5201"}]}},{"Name":"libwebp","Version":"0:1.0.0-8.el8_8.1","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5309","Link":"https://access.redhat.com/errata/RHSA-2023:5309"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-4863","Description":"A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.","Metadata":{},"Name":"CVE-2023-4863","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","base_metrics":{"base_score":9.6,"exploitability_score":2.8,"impact_score":6.0,"base_severity":"Critical"}}]}}} +{ + "identifier": "rhel:8/cve-2023-4863", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 9.6, + "base_severity": "Critical", + "exploitability_score": 2.8, + "impact_score": 6.0 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5184", + "Link": "https://access.redhat.com/errata/RHSA-2023:5184" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el8_8", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5201", + "Link": "https://access.redhat.com/errata/RHSA-2023:5201" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el8_8", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "libwebp", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5309", + "Link": "https://access.redhat.com/errata/RHSA-2023:5309" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.0.0-8.el8_8.1", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-4863", + "Metadata": {}, + "Name": "CVE-2023-4863", + "NamespaceName": "rhel:8", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5129.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5129.json index 4d9c8164..c870306e 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5129.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5129.json @@ -1 +1,77 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2023-5129","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"rhel:8","FixedIn":[{"Name":"firefox","Version":"0:102.15.1-1.el8_8","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5184","Link":"https://access.redhat.com/errata/RHSA-2023:5184"}]}},{"Name":"thunderbird","Version":"0:102.15.1-1.el8_8","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5201","Link":"https://access.redhat.com/errata/RHSA-2023:5201"}]}},{"Name":"libwebp","Version":"0:1.0.0-8.el8_8.1","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5309","Link":"https://access.redhat.com/errata/RHSA-2023:5309"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5129","Description":"This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.","Metadata":{},"Name":"CVE-2023-5129","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N","base_metrics":{"base_score":0.0,"exploitability_score":2.8,"impact_score":-0.2,"base_severity":"None"}}]}}} +{ + "identifier": "rhel:8/cve-2023-5129", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 0.0, + "base_severity": "None", + "exploitability_score": 2.8, + "impact_score": -0.2 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N", + "version": "3.1" + } + ], + "Description": "This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.", + "FixedIn": [ + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5184", + "Link": "https://access.redhat.com/errata/RHSA-2023:5184" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el8_8", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5201", + "Link": "https://access.redhat.com/errata/RHSA-2023:5201" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el8_8", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "libwebp", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5309", + "Link": "https://access.redhat.com/errata/RHSA-2023:5309" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.0.0-8.el8_8.1", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5129", + "Metadata": {}, + "Name": "CVE-2023-5129", + "NamespaceName": "rhel:8", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5217.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5217.json index bbd74610..be1cd24b 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5217.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:8/cve-2023-5217.json @@ -1 +1,77 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:8/cve-2023-5217","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:8","FixedIn":[{"Name":"thunderbird","Version":"0:115.3.1-1.el8_8","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5428","Link":"https://access.redhat.com/errata/RHSA-2023:5428"}]}},{"Name":"firefox","Version":"0:115.3.1-1.el8_8","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5433","Link":"https://access.redhat.com/errata/RHSA-2023:5433"}]}},{"Name":"libvpx","Version":"0:1.7.0-10.el8_8","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:8","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5537","Link":"https://access.redhat.com/errata/RHSA-2023:5537"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5217","Description":"A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.","Metadata":{},"Name":"CVE-2023-5217","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":8.8,"exploitability_score":2.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:8/cve-2023-5217", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 8.8, + "base_severity": "High", + "exploitability_score": 2.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5428", + "Link": "https://access.redhat.com/errata/RHSA-2023:5428" + } + ], + "NoAdvisory": false + }, + "Version": "0:115.3.1-1.el8_8", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5433", + "Link": "https://access.redhat.com/errata/RHSA-2023:5433" + } + ], + "NoAdvisory": false + }, + "Version": "0:115.3.1-1.el8_8", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "libvpx", + "NamespaceName": "rhel:8", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5537", + "Link": "https://access.redhat.com/errata/RHSA-2023:5537" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.7.0-10.el8_8", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5217", + "Metadata": {}, + "Name": "CVE-2023-5217", + "NamespaceName": "rhel:8", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2019-25059.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2019-25059.json index 48208f56..a5716593 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2019-25059.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2019-25059.json @@ -1 +1,39 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2019-25059","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:9","FixedIn":[{"Name":"ghostscript","Version":"None","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":true}}],"Link":"https://access.redhat.com/security/cve/CVE-2019-25059","Description":"Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.","Metadata":{},"Name":"CVE-2019-25059","CVSS":[{"version":"3.1","status":"draft","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2019-25059", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "draft", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.", + "FixedIn": [ + { + "Module": null, + "Name": "ghostscript", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2019-25059", + "Metadata": {}, + "Name": "CVE-2019-25059", + "NamespaceName": "rhel:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1921.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1921.json index 7ce2843f..673fc745 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1921.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1921.json @@ -1 +1,45 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2022-1921","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:9","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"0:1.18.4-6.el9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:2260","Link":"https://access.redhat.com/errata/RHSA-2023:2260"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1921","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1921","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2022-1921", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the avi demuxer when processing a specially crafted AVI file. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:2260", + "Link": "https://access.redhat.com/errata/RHSA-2023:2260" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.18.4-6.el9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1921", + "Metadata": {}, + "Name": "CVE-2022-1921", + "NamespaceName": "rhel:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1922.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1922.json index 2a4a0292..0cf58913 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1922.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1922.json @@ -1 +1,45 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2022-1922","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:9","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"0:1.18.4-6.el9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:2260","Link":"https://access.redhat.com/errata/RHSA-2023:2260"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1922","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1922","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2022-1922", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using zlib decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:2260", + "Link": "https://access.redhat.com/errata/RHSA-2023:2260" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.18.4-6.el9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1922", + "Metadata": {}, + "Name": "CVE-2022-1922", + "NamespaceName": "rhel:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1923.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1923.json index c50aafff..85542def 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1923.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1923.json @@ -1 +1,45 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2022-1923","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:9","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"0:1.18.4-6.el9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:2260","Link":"https://access.redhat.com/errata/RHSA-2023:2260"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1923","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1923","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2022-1923", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:2260", + "Link": "https://access.redhat.com/errata/RHSA-2023:2260" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.18.4-6.el9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1923", + "Metadata": {}, + "Name": "CVE-2022-1923", + "NamespaceName": "rhel:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1924.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1924.json index 6669fa85..fd45d279 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1924.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1924.json @@ -1 +1,45 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2022-1924","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:9","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"0:1.18.4-6.el9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:2260","Link":"https://access.redhat.com/errata/RHSA-2023:2260"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1924","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1924","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2022-1924", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:2260", + "Link": "https://access.redhat.com/errata/RHSA-2023:2260" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.18.4-6.el9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1924", + "Metadata": {}, + "Name": "CVE-2022-1924", + "NamespaceName": "rhel:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1925.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1925.json index f43610d5..8788a51f 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1925.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-1925.json @@ -1 +1,45 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2022-1925","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:9","FixedIn":[{"Name":"gstreamer1-plugins-good","Version":"0:1.18.4-6.el9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:2260","Link":"https://access.redhat.com/errata/RHSA-2023:2260"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-1925","Description":"A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.","Metadata":{},"Name":"CVE-2022-1925","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.8,"exploitability_score":1.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2022-1925", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.8, + "base_severity": "High", + "exploitability_score": 1.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using HEADERSTRIP decompression. This vulnerability can result in application crash, memory corruption, and code execution.", + "FixedIn": [ + { + "Module": null, + "Name": "gstreamer1-plugins-good", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:2260", + "Link": "https://access.redhat.com/errata/RHSA-2023:2260" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.18.4-6.el9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-1925", + "Metadata": {}, + "Name": "CVE-2022-1925", + "NamespaceName": "rhel:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-2309.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-2309.json index 53c860ad..c3845cd6 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-2309.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2022-2309.json @@ -1 +1,45 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2022-2309","item":{"Vulnerability":{"Severity":"Medium","NamespaceName":"rhel:9","FixedIn":[{"Name":"python-lxml","Version":"0:4.6.5-3.el9","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2022:8226","Link":"https://access.redhat.com/errata/RHSA-2022:8226"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2022-2309","Description":"A NULL Pointer dereference vulnerability found in lxml, caused by the iterwalk function (also used by the canonicalize function). This flaw can lead to a crash when the incorrect parser input occurs together with usages.","Metadata":{},"Name":"CVE-2022-2309","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","base_metrics":{"base_score":7.5,"exploitability_score":3.9,"impact_score":3.6,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2022-2309", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.5, + "base_severity": "High", + "exploitability_score": 3.9, + "impact_score": 3.6 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ], + "Description": "A NULL Pointer dereference vulnerability found in lxml, caused by the iterwalk function (also used by the canonicalize function). This flaw can lead to a crash when the incorrect parser input occurs together with usages.", + "FixedIn": [ + { + "Module": null, + "Name": "python-lxml", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2022:8226", + "Link": "https://access.redhat.com/errata/RHSA-2022:8226" + } + ], + "NoAdvisory": false + }, + "Version": "0:4.6.5-3.el9", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2022-2309", + "Metadata": {}, + "Name": "CVE-2022-2309", + "NamespaceName": "rhel:9", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-4863.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-4863.json index 7850c562..80851c54 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-4863.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-4863.json @@ -1 +1,77 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2023-4863","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:9","FixedIn":[{"Name":"firefox","Version":"0:102.15.1-1.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5200","Link":"https://access.redhat.com/errata/RHSA-2023:5200"}]}},{"Name":"libwebp","Version":"0:1.2.0-7.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5214","Link":"https://access.redhat.com/errata/RHSA-2023:5214"}]}},{"Name":"thunderbird","Version":"0:102.15.1-1.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5224","Link":"https://access.redhat.com/errata/RHSA-2023:5224"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-4863","Description":"A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.","Metadata":{},"Name":"CVE-2023-4863","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","base_metrics":{"base_score":9.6,"exploitability_score":2.8,"impact_score":6.0,"base_severity":"Critical"}}]}}} +{ + "identifier": "rhel:9/cve-2023-4863", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 9.6, + "base_severity": "Critical", + "exploitability_score": 2.8, + "impact_score": 6.0 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5200", + "Link": "https://access.redhat.com/errata/RHSA-2023:5200" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el9_2", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "libwebp", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5214", + "Link": "https://access.redhat.com/errata/RHSA-2023:5214" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.2.0-7.el9_2", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5224", + "Link": "https://access.redhat.com/errata/RHSA-2023:5224" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el9_2", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-4863", + "Metadata": {}, + "Name": "CVE-2023-4863", + "NamespaceName": "rhel:9", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5129.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5129.json index d1d77a3e..b24f0c97 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5129.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5129.json @@ -1 +1,77 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2023-5129","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"rhel:9","FixedIn":[{"Name":"firefox","Version":"0:102.15.1-1.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5200","Link":"https://access.redhat.com/errata/RHSA-2023:5200"}]}},{"Name":"libwebp","Version":"0:1.2.0-7.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5214","Link":"https://access.redhat.com/errata/RHSA-2023:5214"}]}},{"Name":"thunderbird","Version":"0:102.15.1-1.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5224","Link":"https://access.redhat.com/errata/RHSA-2023:5224"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5129","Description":"This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.","Metadata":{},"Name":"CVE-2023-5129","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N","base_metrics":{"base_score":0.0,"exploitability_score":2.8,"impact_score":-0.2,"base_severity":"None"}}]}}} +{ + "identifier": "rhel:9/cve-2023-5129", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 0.0, + "base_severity": "None", + "exploitability_score": 2.8, + "impact_score": -0.2 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N", + "version": "3.1" + } + ], + "Description": "This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863.", + "FixedIn": [ + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5200", + "Link": "https://access.redhat.com/errata/RHSA-2023:5200" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el9_2", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "libwebp", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5214", + "Link": "https://access.redhat.com/errata/RHSA-2023:5214" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.2.0-7.el9_2", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5224", + "Link": "https://access.redhat.com/errata/RHSA-2023:5224" + } + ], + "NoAdvisory": false + }, + "Version": "0:102.15.1-1.el9_2", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5129", + "Metadata": {}, + "Name": "CVE-2023-5129", + "NamespaceName": "rhel:9", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5217.json b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5217.json index 518e282e..5c8f7036 100644 --- a/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5217.json +++ b/tests/unit/providers/rhel/test-fixtures/snapshots/rhel:9/cve-2023-5217.json @@ -1 +1,77 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"rhel:9/cve-2023-5217","item":{"Vulnerability":{"Severity":"High","NamespaceName":"rhel:9","FixedIn":[{"Name":"firefox","Version":"0:115.3.1-1.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5434","Link":"https://access.redhat.com/errata/RHSA-2023:5434"}]}},{"Name":"thunderbird","Version":"0:115.3.1-1.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5435","Link":"https://access.redhat.com/errata/RHSA-2023:5435"}]}},{"Name":"libvpx","Version":"0:1.9.0-7.el9_2","Module":null,"VersionFormat":"rpm","NamespaceName":"rhel:9","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[{"ID":"RHSA-2023:5539","Link":"https://access.redhat.com/errata/RHSA-2023:5539"}]}}],"Link":"https://access.redhat.com/security/cve/CVE-2023-5217","Description":"A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.","Metadata":{},"Name":"CVE-2023-5217","CVSS":[{"version":"3.1","status":"verified","vector_string":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","base_metrics":{"base_score":8.8,"exploitability_score":2.8,"impact_score":5.9,"base_severity":"High"}}]}}} +{ + "identifier": "rhel:9/cve-2023-5217", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 8.8, + "base_severity": "High", + "exploitability_score": 2.8, + "impact_score": 5.9 + }, + "status": "verified", + "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.", + "FixedIn": [ + { + "Module": null, + "Name": "firefox", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5434", + "Link": "https://access.redhat.com/errata/RHSA-2023:5434" + } + ], + "NoAdvisory": false + }, + "Version": "0:115.3.1-1.el9_2", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "thunderbird", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5435", + "Link": "https://access.redhat.com/errata/RHSA-2023:5435" + } + ], + "NoAdvisory": false + }, + "Version": "0:115.3.1-1.el9_2", + "VersionFormat": "rpm" + }, + { + "Module": null, + "Name": "libvpx", + "NamespaceName": "rhel:9", + "VendorAdvisory": { + "AdvisorySummary": [ + { + "ID": "RHSA-2023:5539", + "Link": "https://access.redhat.com/errata/RHSA-2023:5539" + } + ], + "NoAdvisory": false + }, + "Version": "0:1.9.0-7.el9_2", + "VersionFormat": "rpm" + } + ], + "Link": "https://access.redhat.com/security/cve/CVE-2023-5217", + "Metadata": {}, + "Name": "CVE-2023-5217", + "NamespaceName": "rhel:9", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/sles/test-fixtures/snapshots/sles:15.1/cve-2021-29154.json b/tests/unit/providers/sles/test-fixtures/snapshots/sles:15.1/cve-2021-29154.json index 4ad117aa..bde6f096 100644 --- a/tests/unit/providers/sles/test-fixtures/snapshots/sles:15.1/cve-2021-29154.json +++ b/tests/unit/providers/sles/test-fixtures/snapshots/sles:15.1/cve-2021-29154.json @@ -1 +1,41 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"sles:15.1/cve-2021-29154","item":{"Vulnerability":{"Name":"CVE-2021-29154","NamespaceName":"sles:15.1","Description":"BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.","Severity":"High","Link":"https://www.suse.com/security/cve/CVE-2021-29154","CVSS":[{"version":"3.1","vector_string":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.0,"exploitability_score":1.0,"impact_score":5.9,"base_severity":"High"},"status":"N/A"}],"FixedIn":[{"Name":"kernel-default","NamespaceName":"sles:15.1","VersionFormat":"rpm","Version":"0:4.12.14-197.89.2","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]},"VulnerableRange":null}],"Metadata":{}}}} +{ + "identifier": "sles:15.1/cve-2021-29154", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.0, + "base_severity": "High", + "exploitability_score": 1.0, + "impact_score": 5.9 + }, + "status": "N/A", + "vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.", + "FixedIn": [ + { + "Module": "", + "Name": "kernel-default", + "NamespaceName": "sles:15.1", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0:4.12.14-197.89.2", + "VersionFormat": "rpm", + "VulnerableRange": null + } + ], + "Link": "https://www.suse.com/security/cve/CVE-2021-29154", + "Metadata": {}, + "Name": "CVE-2021-29154", + "NamespaceName": "sles:15.1", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/sles/test-fixtures/snapshots/sles:15/cve-2021-29154.json b/tests/unit/providers/sles/test-fixtures/snapshots/sles:15/cve-2021-29154.json index c348671c..37be8d5b 100644 --- a/tests/unit/providers/sles/test-fixtures/snapshots/sles:15/cve-2021-29154.json +++ b/tests/unit/providers/sles/test-fixtures/snapshots/sles:15/cve-2021-29154.json @@ -1 +1,41 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"sles:15/cve-2021-29154","item":{"Vulnerability":{"Name":"CVE-2021-29154","NamespaceName":"sles:15","Description":"BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.","Severity":"High","Link":"https://www.suse.com/security/cve/CVE-2021-29154","CVSS":[{"version":"3.1","vector_string":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","base_metrics":{"base_score":7.0,"exploitability_score":1.0,"impact_score":5.9,"base_severity":"High"},"status":"N/A"}],"FixedIn":[{"Name":"kernel-default","NamespaceName":"sles:15","VersionFormat":"rpm","Version":"0:4.12.14-150.72.1","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]},"VulnerableRange":null}],"Metadata":{}}}} +{ + "identifier": "sles:15/cve-2021-29154", + "item": { + "Vulnerability": { + "CVSS": [ + { + "base_metrics": { + "base_score": 7.0, + "base_severity": "High", + "exploitability_score": 1.0, + "impact_score": 5.9 + }, + "status": "N/A", + "vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ], + "Description": "BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.", + "FixedIn": [ + { + "Module": "", + "Name": "kernel-default", + "NamespaceName": "sles:15", + "VendorAdvisory": { + "AdvisorySummary": [], + "NoAdvisory": false + }, + "Version": "0:4.12.14-150.72.1", + "VersionFormat": "rpm", + "VulnerableRange": null + } + ], + "Link": "https://www.suse.com/security/cve/CVE-2021-29154", + "Metadata": {}, + "Name": "CVE-2021-29154", + "NamespaceName": "sles:15", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2019-17185.json index 0bf55fb6..8ec5a2b8 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2019-17185.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:14.04/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:14.04","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:14.04/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:14.04", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2021-4204.json index 70b0eeff..b944627d 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2021-4204.json @@ -1 +1,52 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:14.04/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:14.04","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[{"Name":"linux-lts-xenial","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-aws","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-azure","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-fips","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:14.04/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux-lts-xenial", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-fips", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:14.04", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-20566.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-20566.json index 444099a7..a46fe51e 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-20566.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-20566.json @@ -1 +1,61 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:14.04/cve-2022-20566","item":{"Vulnerability":{"Name":"CVE-2022-20566","NamespaceName":"ubuntu:14.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-20566","FixedIn":[{"Name":"linux","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-lts-xenial","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-aws","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-azure","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-fips","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:14.04/cve-2022-20566", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-lts-xenial", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-fips", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-20566", + "Metadata": {}, + "Name": "CVE-2022-20566", + "NamespaceName": "ubuntu:14.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41859.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41859.json index 5c12be2c..47cb796b 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41859.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41859.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:14.04/cve-2022-41859","item":{"Vulnerability":{"Name":"CVE-2022-41859","NamespaceName":"ubuntu:14.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41859","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:14.04/cve-2022-41859", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41859", + "Metadata": {}, + "Name": "CVE-2022-41859", + "NamespaceName": "ubuntu:14.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41860.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41860.json index d75c7e31..462296fd 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41860.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41860.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:14.04/cve-2022-41860","item":{"Vulnerability":{"Name":"CVE-2022-41860","NamespaceName":"ubuntu:14.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41860","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:14.04/cve-2022-41860", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41860", + "Metadata": {}, + "Name": "CVE-2022-41860", + "NamespaceName": "ubuntu:14.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41861.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41861.json index 5ad7c88d..05f02fc4 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41861.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:14.04/cve-2022-41861.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:14.04/cve-2022-41861","item":{"Vulnerability":{"Name":"CVE-2022-41861","NamespaceName":"ubuntu:14.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41861","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:14.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:14.04/cve-2022-41861", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:14.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41861", + "Metadata": {}, + "Name": "CVE-2022-41861", + "NamespaceName": "ubuntu:14.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2019-17185.json index 8935dd73..fef66af5 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2019-17185.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:16.04/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:16.04","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:16.04/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:16.04", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2021-4204.json index 24ea857b..5860d642 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2021-4204.json @@ -1 +1,115 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:16.04/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:16.04","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[{"Name":"linux-hwe","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-kvm","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-aws","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-aws-hwe","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-azure","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-gcp","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-gke","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-oracle","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-raspi2","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-snapdragon","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-fips","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:16.04/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux-hwe", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws-hwe", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi2", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-snapdragon", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-fips", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:16.04", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-20566.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-20566.json index f5dd9803..c199a365 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-20566.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-20566.json @@ -1 +1,124 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:16.04/cve-2022-20566","item":{"Vulnerability":{"Name":"CVE-2022-20566","NamespaceName":"ubuntu:16.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-20566","FixedIn":[{"Name":"linux","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-hwe","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-kvm","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-aws","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-aws-hwe","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-azure","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-fips","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-gcp","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-gke","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-oracle","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-raspi2","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-snapdragon","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:16.04/cve-2022-20566", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-hwe", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws-hwe", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-fips", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi2", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-snapdragon", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-20566", + "Metadata": {}, + "Name": "CVE-2022-20566", + "NamespaceName": "ubuntu:16.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41859.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41859.json index 56ac42cf..1122482b 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41859.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41859.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:16.04/cve-2022-41859","item":{"Vulnerability":{"Name":"CVE-2022-41859","NamespaceName":"ubuntu:16.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41859","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:16.04/cve-2022-41859", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41859", + "Metadata": {}, + "Name": "CVE-2022-41859", + "NamespaceName": "ubuntu:16.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41860.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41860.json index ef1036dc..eb051c2d 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41860.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41860.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:16.04/cve-2022-41860","item":{"Vulnerability":{"Name":"CVE-2022-41860","NamespaceName":"ubuntu:16.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41860","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:16.04/cve-2022-41860", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41860", + "Metadata": {}, + "Name": "CVE-2022-41860", + "NamespaceName": "ubuntu:16.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41861.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41861.json index 74f53b65..fc7869b2 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41861.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:16.04/cve-2022-41861.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:16.04/cve-2022-41861","item":{"Vulnerability":{"Name":"CVE-2022-41861","NamespaceName":"ubuntu:16.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41861","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:16.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:16.04/cve-2022-41861", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:16.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41861", + "Metadata": {}, + "Name": "CVE-2022-41861", + "NamespaceName": "ubuntu:16.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2019-17185.json index 1fc31341..a1728041 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2019-17185.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:18.04/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:18.04","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:18.04/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:18.04", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2021-4204.json index 22a6fd96..b930cb98 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2021-4204.json @@ -1 +1,70 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:18.04/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:18.04","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[{"Name":"linux-gke-4.15","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-gke-5.0","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-gke-5.3","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-oem","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-oem-osp1","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-raspi2-5.3","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:18.04/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux-gke-4.15", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke-5.0", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke-5.3", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-osp1", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi2-5.3", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:18.04", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-20566.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-20566.json index 53e4ad59..c339796c 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-20566.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-20566.json @@ -1 +1,205 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:18.04/cve-2022-20566","item":{"Vulnerability":{"Name":"CVE-2022-20566","NamespaceName":"ubuntu:18.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-20566","FixedIn":[{"Name":"linux","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-hwe-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-kvm","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-4.15","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-dell300x","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp-4.15","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gke-4.15","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gke-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gkeop-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-ibm-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-osp1","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-raspi2","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-raspi-5.4","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-snapdragon","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:18.04/cve-2022-20566", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-hwe-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-4.15", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-dell300x", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp-4.15", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke-4.15", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gkeop-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-ibm-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-osp1", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi2", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi-5.4", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-snapdragon", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-20566", + "Metadata": {}, + "Name": "CVE-2022-20566", + "NamespaceName": "ubuntu:18.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41859.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41859.json index 6ae07cd9..7f2deba1 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41859.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41859.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:18.04/cve-2022-41859","item":{"Vulnerability":{"Name":"CVE-2022-41859","NamespaceName":"ubuntu:18.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41859","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:18.04/cve-2022-41859", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41859", + "Metadata": {}, + "Name": "CVE-2022-41859", + "NamespaceName": "ubuntu:18.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41860.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41860.json index cbd669f2..3310975c 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41860.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41860.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:18.04/cve-2022-41860","item":{"Vulnerability":{"Name":"CVE-2022-41860","NamespaceName":"ubuntu:18.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41860","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:18.04/cve-2022-41860", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41860", + "Metadata": {}, + "Name": "CVE-2022-41860", + "NamespaceName": "ubuntu:18.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41861.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41861.json index be962669..52f7b96f 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41861.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:18.04/cve-2022-41861.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:18.04/cve-2022-41861","item":{"Vulnerability":{"Name":"CVE-2022-41861","NamespaceName":"ubuntu:18.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41861","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:18.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:18.04/cve-2022-41861", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:18.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41861", + "Metadata": {}, + "Name": "CVE-2022-41861", + "NamespaceName": "ubuntu:18.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:19.10/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:19.10/cve-2019-17185.json index ce0f7702..852ed944 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:19.10/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:19.10/cve-2019-17185.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:19.10/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:19.10","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:19.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:19.10/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:19.10", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:19.10", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2019-17185.json index 75e7cc05..b9c4b1ff 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2019-17185.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:20.04/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:20.04","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[]}}} +{ + "identifier": "ubuntu:20.04/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:20.04", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2021-4204.json index 766a3f3d..cdd5f1db 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2021-4204.json @@ -1 +1,214 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:20.04/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:20.04","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[{"Name":"linux-hwe-5.11","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.11.0-46.51~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws-5.11","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.11.0-1025.27~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-5.11","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.11.0-1025.27~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp-5.11","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.11.0-1026.29~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle-5.11","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.11.0-1025.27~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.10","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.10.0-1055.58","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.13.0-1026.32","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.14","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.14.0-1018.19","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-riscv-5.11","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.11.0-1026.28~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-hwe-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.13.0-25.26~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.13.0-1011.12~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.13.0-1015.19~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.13.0-1012.15~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"5.13.0-1012.14~20.04.1","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-hwe-5.8","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-aws-5.8","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-azure-5.8","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-gcp-5.8","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-intel-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-oracle-5.8","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-oem-5.6","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}},{"Name":"linux-riscv-5.8","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:20.04/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux-hwe-5.11", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-46.51~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws-5.11", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1025.27~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-5.11", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1025.27~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp-5.11", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1026.29~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle-5.11", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1025.27~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.10", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.10.0-1055.58", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1026.32", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.14", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.14.0-1018.19", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-riscv-5.11", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1026.28~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-hwe-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-25.26~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1011.12~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1015.19~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1012.15~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1012.14~20.04.1", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-hwe-5.8", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws-5.8", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-5.8", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp-5.8", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-intel-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle-5.8", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.6", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-riscv-5.8", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:20.04", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-20566.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-20566.json index ce443125..007aafa7 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-20566.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-20566.json @@ -1 +1,250 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:20.04/cve-2022-20566","item":{"Vulnerability":{"Name":"CVE-2022-20566","NamespaceName":"ubuntu:20.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-20566","FixedIn":[{"Name":"linux","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-hwe-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-kvm","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-fde","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-fde-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-bluefield","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gke","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gke-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gkeop","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-ibm","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-intel-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-intel-iotg-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-lowlatency-hwe-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle-5.13","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle-5.15","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.6","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.10","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.14","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-raspi","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:20.04/cve-2022-20566", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-hwe-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-fde", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-fde-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-bluefield", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gkeop", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-ibm", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-intel-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-intel-iotg-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-lowlatency-hwe-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle-5.13", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle-5.15", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.6", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.10", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.14", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-20566", + "Metadata": {}, + "Name": "CVE-2022-20566", + "NamespaceName": "ubuntu:20.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41859.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41859.json index b2da1555..91354baa 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41859.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41859.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:20.04/cve-2022-41859","item":{"Vulnerability":{"Name":"CVE-2022-41859","NamespaceName":"ubuntu:20.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41859","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:20.04/cve-2022-41859", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41859", + "Metadata": {}, + "Name": "CVE-2022-41859", + "NamespaceName": "ubuntu:20.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41860.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41860.json index 3e2a04cc..082e13ab 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41860.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41860.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:20.04/cve-2022-41860","item":{"Vulnerability":{"Name":"CVE-2022-41860","NamespaceName":"ubuntu:20.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41860","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:20.04/cve-2022-41860", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41860", + "Metadata": {}, + "Name": "CVE-2022-41860", + "NamespaceName": "ubuntu:20.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41861.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41861.json index 0e836965..1e8373a4 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41861.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.04/cve-2022-41861.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:20.04/cve-2022-41861","item":{"Vulnerability":{"Name":"CVE-2022-41861","NamespaceName":"ubuntu:20.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41861","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:20.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:20.04/cve-2022-41861", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:20.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41861", + "Metadata": {}, + "Name": "CVE-2022-41861", + "NamespaceName": "ubuntu:20.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.10/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.10/cve-2019-17185.json index a841a0ff..8f516095 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.10/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:20.10/cve-2019-17185.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:20.10/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:20.10","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[]}}} +{ + "identifier": "ubuntu:20.10/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:20.10", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2019-17185.json index ba604c1e..957b63f2 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2019-17185.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:21.04/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:21.04","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[]}}} +{ + "identifier": "ubuntu:21.04/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:21.04", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2021-4204.json index 160f99be..b775f266 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.04/cve-2021-4204.json @@ -1 +1,88 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:21.04/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:21.04","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[{"Name":"linux","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"5.11.0-46.51","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-kvm","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"5.11.0-1022.24","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"5.11.0-1025.27","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"5.11.0-1025.27","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"5.11.0-1026.29","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"5.11.0-1025.27","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-raspi","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"5.11.0-1025.27","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-riscv","NamespaceName":"ubuntu:21.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":true}}]}}} +{ + "identifier": "ubuntu:21.04/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-46.51", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1022.24", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1025.27", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1025.27", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1026.29", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1025.27", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.11.0-1025.27", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-riscv", + "NamespaceName": "ubuntu:21.04", + "VendorAdvisory": { + "NoAdvisory": true + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:21.04", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2019-17185.json index 49610259..995616a4 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2019-17185.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:21.10/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:21.10","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[]}}} +{ + "identifier": "ubuntu:21.10/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:21.10", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2021-4204.json index edb621f4..739530a4 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:21.10/cve-2021-4204.json @@ -1 +1,88 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:21.10/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:21.10","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[{"Name":"linux","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-25.26","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-kvm","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-1008.8","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-1009.10","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-1010.11","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-1010.12","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-1013.16","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-raspi","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-1013.15","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-riscv","NamespaceName":"ubuntu:21.10","VersionFormat":"dpkg","Version":"5.13.0-1008.8","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:21.10/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-25.26", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1008.8", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1009.10", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1010.11", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1010.12", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1013.16", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1013.15", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-riscv", + "NamespaceName": "ubuntu:21.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "5.13.0-1008.8", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:21.10", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2019-17185.json index af752c12..fc2ffb43 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2019-17185.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.04/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:22.04","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[]}}} +{ + "identifier": "ubuntu:22.04/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:22.04", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2021-4204.json index dc0b65b1..9485c451 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2021-4204.json @@ -1 +1,43 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.04/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:22.04","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[{"Name":"linux-gkeop","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-fde","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-6.0","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.04/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux-gkeop", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-fde", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-6.0", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:22.04", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-20566.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-20566.json index 985dc658..0e79eb55 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-20566.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-20566.json @@ -1 +1,160 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.04/cve-2022-20566","item":{"Vulnerability":{"Name":"CVE-2022-20566","NamespaceName":"ubuntu:22.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-20566","FixedIn":[{"Name":"linux","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-kvm","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure-fde","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gke","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gkeop","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-ibm","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-intel-iotg","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-lowlatency","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.17","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-raspi","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-riscv","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-6.0","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.04/cve-2022-20566", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure-fde", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gke", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gkeop", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-ibm", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-intel-iotg", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-lowlatency", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.17", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-riscv", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-6.0", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-20566", + "Metadata": {}, + "Name": "CVE-2022-20566", + "NamespaceName": "ubuntu:22.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41859.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41859.json index 579a429d..456842c1 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41859.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41859.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.04/cve-2022-41859","item":{"Vulnerability":{"Name":"CVE-2022-41859","NamespaceName":"ubuntu:22.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41859","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.04/cve-2022-41859", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41859", + "Metadata": {}, + "Name": "CVE-2022-41859", + "NamespaceName": "ubuntu:22.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41860.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41860.json index 476723f8..d2ff8055 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41860.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41860.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.04/cve-2022-41860","item":{"Vulnerability":{"Name":"CVE-2022-41860","NamespaceName":"ubuntu:22.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41860","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.04/cve-2022-41860", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41860", + "Metadata": {}, + "Name": "CVE-2022-41860", + "NamespaceName": "ubuntu:22.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41861.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41861.json index 99f2f11f..a1602013 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41861.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.04/cve-2022-41861.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.04/cve-2022-41861","item":{"Vulnerability":{"Name":"CVE-2022-41861","NamespaceName":"ubuntu:22.04","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41861","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:22.04","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.04/cve-2022-41861", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:22.04", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41861", + "Metadata": {}, + "Name": "CVE-2022-41861", + "NamespaceName": "ubuntu:22.04", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2019-17185.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2019-17185.json index b31a14ba..52e3149c 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2019-17185.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2019-17185.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.10/cve-2019-17185","item":{"Vulnerability":{"Name":"CVE-2019-17185","NamespaceName":"ubuntu:22.10","Description":"","Severity":"Low","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2019-17185","FixedIn":[]}}} +{ + "identifier": "ubuntu:22.10/cve-2019-17185", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://ubuntu.com/security/CVE-2019-17185", + "Metadata": {}, + "Name": "CVE-2019-17185", + "NamespaceName": "ubuntu:22.10", + "Severity": "Low" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2021-4204.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2021-4204.json index 43669fd2..da5d31f4 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2021-4204.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2021-4204.json @@ -1 +1,15 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.10/cve-2021-4204","item":{"Vulnerability":{"Name":"CVE-2021-4204","NamespaceName":"ubuntu:22.10","Description":"","Severity":"High","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2021-4204","FixedIn":[]}}} +{ + "identifier": "ubuntu:22.10/cve-2021-4204", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [], + "Link": "https://ubuntu.com/security/CVE-2021-4204", + "Metadata": {}, + "Name": "CVE-2021-4204", + "NamespaceName": "ubuntu:22.10", + "Severity": "High" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-20566.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-20566.json index fa18e413..9e7f230b 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-20566.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-20566.json @@ -1 +1,106 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.10/cve-2022-20566","item":{"Vulnerability":{"Name":"CVE-2022-20566","NamespaceName":"ubuntu:22.10","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-20566","FixedIn":[{"Name":"linux-kvm","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-aws","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-azure","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-gcp","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-ibm","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-lowlatency","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oracle","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-oem-5.17","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-raspi","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}},{"Name":"linux-riscv","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.10/cve-2022-20566", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "linux-kvm", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-aws", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-azure", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-gcp", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-ibm", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-lowlatency", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oracle", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-oem-5.17", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-raspi", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + }, + { + "Name": "linux-riscv", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-20566", + "Metadata": {}, + "Name": "CVE-2022-20566", + "NamespaceName": "ubuntu:22.10", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41859.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41859.json index e4f1b679..5159c6a5 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41859.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41859.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.10/cve-2022-41859","item":{"Vulnerability":{"Name":"CVE-2022-41859","NamespaceName":"ubuntu:22.10","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41859","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.10/cve-2022-41859", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41859", + "Metadata": {}, + "Name": "CVE-2022-41859", + "NamespaceName": "ubuntu:22.10", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41860.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41860.json index 07180b18..4887b86a 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41860.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41860.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.10/cve-2022-41860","item":{"Vulnerability":{"Name":"CVE-2022-41860","NamespaceName":"ubuntu:22.10","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41860","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.10/cve-2022-41860", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41860", + "Metadata": {}, + "Name": "CVE-2022-41860", + "NamespaceName": "ubuntu:22.10", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41861.json b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41861.json index 66d63c8e..3bda4e52 100644 --- a/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41861.json +++ b/tests/unit/providers/ubuntu/test-fixtures/snapshots/ubuntu:22.10/cve-2022-41861.json @@ -1 +1,25 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"ubuntu:22.10/cve-2022-41861","item":{"Vulnerability":{"Name":"CVE-2022-41861","NamespaceName":"ubuntu:22.10","Description":"","Severity":"Medium","Metadata":{},"Link":"https://ubuntu.com/security/CVE-2022-41861","FixedIn":[{"Name":"freeradius","NamespaceName":"ubuntu:22.10","VersionFormat":"dpkg","Version":"None","VendorAdvisory":{"NoAdvisory":false}}]}}} +{ + "identifier": "ubuntu:22.10/cve-2022-41861", + "item": { + "Vulnerability": { + "Description": "", + "FixedIn": [ + { + "Name": "freeradius", + "NamespaceName": "ubuntu:22.10", + "VendorAdvisory": { + "NoAdvisory": false + }, + "Version": "None", + "VersionFormat": "dpkg" + } + ], + "Link": "https://ubuntu.com/security/CVE-2022-41861", + "Metadata": {}, + "Name": "CVE-2022-41861", + "NamespaceName": "ubuntu:22.10", + "Severity": "Medium" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2016-2781.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2016-2781.json index d5e78779..93214474 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2016-2781.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2016-2781.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2016-2781","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"coreutils","Version":"0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2016-2781","Description":"","Metadata":{},"Name":"CVE-2016-2781","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2016-2781", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "coreutils", + "NamespaceName": "wolfi:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2016-2781", + "Metadata": {}, + "Name": "CVE-2016-2781", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2017-8806.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2017-8806.json index 6a040c36..9f9394ba 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2017-8806.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2017-8806.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2017-8806","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"postgresql-15","Version":"0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2017-8806","Description":"","Metadata":{},"Name":"CVE-2017-8806","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2017-8806", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "postgresql-15", + "NamespaceName": "wolfi:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2017-8806", + "Metadata": {}, + "Name": "CVE-2017-8806", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-1000156.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-1000156.json index 00d9f643..7aa23d6b 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-1000156.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-1000156.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2018-1000156","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-1000156","Description":"","Metadata":{},"Name":"CVE-2018-1000156","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2018-1000156", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "wolfi:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-1000156", + "Metadata": {}, + "Name": "CVE-2018-1000156", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-20969.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-20969.json index 584fbbf1..60c49ad2 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-20969.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-20969.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2018-20969","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-20969","Description":"","Metadata":{},"Name":"CVE-2018-20969","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2018-20969", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "wolfi:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-20969", + "Metadata": {}, + "Name": "CVE-2018-20969", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-25032.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-25032.json index 6fd1730f..3777c0d6 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-25032.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-25032.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2018-25032","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"zlib","Version":"1.2.12-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-25032","Description":"","Metadata":{},"Name":"CVE-2018-25032","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2018-25032", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zlib", + "NamespaceName": "wolfi:rolling", + "Version": "1.2.12-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-25032", + "Metadata": {}, + "Name": "CVE-2018-25032", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6951.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6951.json index 6cdeee78..e16941f2 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6951.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6951.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2018-6951","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-6951","Description":"","Metadata":{},"Name":"CVE-2018-6951","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2018-6951", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "wolfi:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-6951", + "Metadata": {}, + "Name": "CVE-2018-6951", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6952.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6952.json index e862f34a..2f90a502 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6952.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2018-6952.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2018-6952","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2018-6952","Description":"","Metadata":{},"Name":"CVE-2018-6952","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2018-6952", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "wolfi:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2018-6952", + "Metadata": {}, + "Name": "CVE-2018-6952", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13636.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13636.json index 7f6f9708..52da7eff 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13636.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13636.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2019-13636","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-13636","Description":"","Metadata":{},"Name":"CVE-2019-13636","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2019-13636", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "wolfi:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-13636", + "Metadata": {}, + "Name": "CVE-2019-13636", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13638.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13638.json index a4f9c8fb..6a1e347e 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13638.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-13638.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2019-13638","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-13638","Description":"","Metadata":{},"Name":"CVE-2019-13638","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2019-13638", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "wolfi:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-13638", + "Metadata": {}, + "Name": "CVE-2019-13638", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-20633.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-20633.json index 6a41a8e4..0ae6af54 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-20633.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-20633.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2019-20633","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"patch","Version":"2.7.6-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-20633","Description":"","Metadata":{},"Name":"CVE-2019-20633","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2019-20633", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "patch", + "NamespaceName": "wolfi:rolling", + "Version": "2.7.6-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-20633", + "Metadata": {}, + "Name": "CVE-2019-20633", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-6293.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-6293.json index 69f409e9..44800192 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-6293.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2019-6293.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2019-6293","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"flex","Version":"0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2019-6293","Description":"","Metadata":{},"Name":"CVE-2019-6293","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2019-6293", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "flex", + "NamespaceName": "wolfi:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2019-6293", + "Metadata": {}, + "Name": "CVE-2019-6293", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-10735.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-10735.json index 93955876..24249ed9 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-10735.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-10735.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2020-10735","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"python3","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-10735","Description":"","Metadata":{},"Name":"CVE-2020-10735","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2020-10735", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "python3", + "NamespaceName": "wolfi:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-10735", + "Metadata": {}, + "Name": "CVE-2020-10735", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-8927.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-8927.json index 8fd00ee9..5ed4006e 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-8927.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2020-8927.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2020-8927","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"brotli","Version":"1.0.9-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2020-8927","Description":"","Metadata":{},"Name":"CVE-2020-8927","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2020-8927", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "brotli", + "NamespaceName": "wolfi:rolling", + "Version": "1.0.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2020-8927", + "Metadata": {}, + "Name": "CVE-2020-8927", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30218.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30218.json index c7560693..d0658d71 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30218.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30218.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2021-30218","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"samurai","Version":"1.2-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-30218","Description":"","Metadata":{},"Name":"CVE-2021-30218","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2021-30218", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "samurai", + "NamespaceName": "wolfi:rolling", + "Version": "1.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-30218", + "Metadata": {}, + "Name": "CVE-2021-30218", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30219.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30219.json index 0458097a..3c75d811 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30219.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-30219.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2021-30219","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"samurai","Version":"1.2-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-30219","Description":"","Metadata":{},"Name":"CVE-2021-30219","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2021-30219", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "samurai", + "NamespaceName": "wolfi:rolling", + "Version": "1.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-30219", + "Metadata": {}, + "Name": "CVE-2021-30219", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-43618.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-43618.json index 77a0fadb..0256f0bd 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-43618.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2021-43618.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2021-43618","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"gmp","Version":"6.2.1-r4","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2021-43618","Description":"","Metadata":{},"Name":"CVE-2021-43618","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2021-43618", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "gmp", + "NamespaceName": "wolfi:rolling", + "Version": "6.2.1-r4", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2021-43618", + "Metadata": {}, + "Name": "CVE-2021-43618", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1586.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1586.json index 89d949c7..0d96078c 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1586.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1586.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-1586","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"pcre2","Version":"10.40-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-1586","Description":"","Metadata":{},"Name":"CVE-2022-1586","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-1586", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "pcre2", + "NamespaceName": "wolfi:rolling", + "Version": "10.40-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-1586", + "Metadata": {}, + "Name": "CVE-2022-1586", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1587.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1587.json index ef04684c..6cbb6a09 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1587.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-1587.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-1587","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"pcre2","Version":"10.40-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-1587","Description":"","Metadata":{},"Name":"CVE-2022-1587","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-1587", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "pcre2", + "NamespaceName": "wolfi:rolling", + "Version": "10.40-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-1587", + "Metadata": {}, + "Name": "CVE-2022-1587", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-26691.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-26691.json index 020bbee0..2b83f17a 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-26691.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-26691.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-26691","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"cups","Version":"2.4.2-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-26691","Description":"","Metadata":{},"Name":"CVE-2022-26691","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-26691", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "cups", + "NamespaceName": "wolfi:rolling", + "Version": "2.4.2-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-26691", + "Metadata": {}, + "Name": "CVE-2022-26691", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27404.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27404.json index fbcacd30..900b0550 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27404.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27404.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-27404","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"freetype","Version":"2.12.1-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-27404","Description":"","Metadata":{},"Name":"CVE-2022-27404","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-27404", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "freetype", + "NamespaceName": "wolfi:rolling", + "Version": "2.12.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-27404", + "Metadata": {}, + "Name": "CVE-2022-27404", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27405.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27405.json index f1d73639..edc2e8e8 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27405.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27405.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-27405","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"freetype","Version":"2.12.1-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-27405","Description":"","Metadata":{},"Name":"CVE-2022-27405","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-27405", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "freetype", + "NamespaceName": "wolfi:rolling", + "Version": "2.12.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-27405", + "Metadata": {}, + "Name": "CVE-2022-27405", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27406.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27406.json index 93afad8d..53689e84 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27406.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-27406.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-27406","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"freetype","Version":"2.12.1-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-27406","Description":"","Metadata":{},"Name":"CVE-2022-27406","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-27406", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "freetype", + "NamespaceName": "wolfi:rolling", + "Version": "2.12.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-27406", + "Metadata": {}, + "Name": "CVE-2022-27406", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28391.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28391.json index 18fc9040..8525aaf2 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28391.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28391.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-28391","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"busybox","Version":"1.35.0-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-28391","Description":"","Metadata":{},"Name":"CVE-2022-28391","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-28391", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "busybox", + "NamespaceName": "wolfi:rolling", + "Version": "1.35.0-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-28391", + "Metadata": {}, + "Name": "CVE-2022-28391", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28506.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28506.json index 6c07d7e8..c1005e16 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28506.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-28506.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-28506","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"giflib","Version":"5.2.1-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-28506","Description":"","Metadata":{},"Name":"CVE-2022-28506","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-28506", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "giflib", + "NamespaceName": "wolfi:rolling", + "Version": "5.2.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-28506", + "Metadata": {}, + "Name": "CVE-2022-28506", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-29458.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-29458.json index 51ddaa59..c658b117 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-29458.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-29458.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-29458","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"ncurses","Version":"6.3-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-29458","Description":"","Metadata":{},"Name":"CVE-2022-29458","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-29458", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "ncurses", + "NamespaceName": "wolfi:rolling", + "Version": "6.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-29458", + "Metadata": {}, + "Name": "CVE-2022-29458", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-30065.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-30065.json index 22a0aa14..8eb9aa19 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-30065.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-30065.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-30065","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"busybox","Version":"1.35.0-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-30065","Description":"","Metadata":{},"Name":"CVE-2022-30065","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-30065", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "busybox", + "NamespaceName": "wolfi:rolling", + "Version": "1.35.0-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-30065", + "Metadata": {}, + "Name": "CVE-2022-30065", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-32221.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-32221.json index 4d49aee7..4a31c7a7 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-32221.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-32221.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-32221","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"curl","Version":"7.86.0-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-32221","Description":"","Metadata":{},"Name":"CVE-2022-32221","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-32221", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "curl", + "NamespaceName": "wolfi:rolling", + "Version": "7.86.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-32221", + "Metadata": {}, + "Name": "CVE-2022-32221", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3358.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3358.json index 93d55cee..a7b18d5a 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3358.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3358.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-3358","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3358","Description":"","Metadata":{},"Name":"CVE-2022-3358","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-3358", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "wolfi:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3358", + "Metadata": {}, + "Name": "CVE-2022-3358", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3602.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3602.json index efbea65b..5d44d073 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3602.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3602.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-3602","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3602","Description":"","Metadata":{},"Name":"CVE-2022-3602","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-3602", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "wolfi:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3602", + "Metadata": {}, + "Name": "CVE-2022-3602", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-36227.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-36227.json index c513b59a..f04d5eae 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-36227.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-36227.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-36227","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"libarchive","Version":"3.6.1-r2","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-36227","Description":"","Metadata":{},"Name":"CVE-2022-36227","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-36227", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libarchive", + "NamespaceName": "wolfi:rolling", + "Version": "3.6.1-r2", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-36227", + "Metadata": {}, + "Name": "CVE-2022-36227", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-37434.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-37434.json index e021f563..57fe795b 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-37434.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-37434.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-37434","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"zlib","Version":"1.2.12-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-37434","Description":"","Metadata":{},"Name":"CVE-2022-37434","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-37434", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "zlib", + "NamespaceName": "wolfi:rolling", + "Version": "1.2.12-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-37434", + "Metadata": {}, + "Name": "CVE-2022-37434", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3786.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3786.json index 13d17ee5..e7b8451e 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3786.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-3786.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-3786","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"openssl","Version":"3.0.7-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-3786","Description":"","Metadata":{},"Name":"CVE-2022-3786","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-3786", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "openssl", + "NamespaceName": "wolfi:rolling", + "Version": "3.0.7-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-3786", + "Metadata": {}, + "Name": "CVE-2022-3786", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38126.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38126.json index 44f4229b..c5262d73 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38126.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38126.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-38126","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"binutils","Version":"2.39-r1","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38126","Description":"","Metadata":{},"Name":"CVE-2022-38126","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-38126", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "binutils", + "NamespaceName": "wolfi:rolling", + "Version": "2.39-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38126", + "Metadata": {}, + "Name": "CVE-2022-38126", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38128.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38128.json index 3797b907..ac60bfa5 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38128.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38128.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-38128","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"binutils","Version":"2.39-r3","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38128","Description":"","Metadata":{},"Name":"CVE-2022-38128","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-38128", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "binutils", + "NamespaceName": "wolfi:rolling", + "Version": "2.39-r3", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38128", + "Metadata": {}, + "Name": "CVE-2022-38128", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38533.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38533.json index 563f24a4..c1078947 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38533.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-38533.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-38533","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"binutils","Version":"2.39-r2","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-38533","Description":"","Metadata":{},"Name":"CVE-2022-38533","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-38533", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "binutils", + "NamespaceName": "wolfi:rolling", + "Version": "2.39-r2", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-38533", + "Metadata": {}, + "Name": "CVE-2022-38533", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39046.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39046.json index 5e8fa406..6c2278ef 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39046.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39046.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-39046","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"glibc","Version":"2.36-r1","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39046","Description":"","Metadata":{},"Name":"CVE-2022-39046","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-39046", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "glibc", + "NamespaceName": "wolfi:rolling", + "Version": "2.36-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39046", + "Metadata": {}, + "Name": "CVE-2022-39046", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39253.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39253.json index 5a4a9936..2c774d9e 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39253.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39253.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-39253","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"git","Version":"2.38.1-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39253","Description":"","Metadata":{},"Name":"CVE-2022-39253","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-39253", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "wolfi:rolling", + "Version": "2.38.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39253", + "Metadata": {}, + "Name": "CVE-2022-39253", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39260.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39260.json index 24b04d71..d631a1eb 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39260.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-39260.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-39260","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"git","Version":"2.38.1-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-39260","Description":"","Metadata":{},"Name":"CVE-2022-39260","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-39260", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "git", + "NamespaceName": "wolfi:rolling", + "Version": "2.38.1-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-39260", + "Metadata": {}, + "Name": "CVE-2022-39260", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40303.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40303.json index 1307c25d..5e1084bc 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40303.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40303.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-40303","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"libxml2","Version":"2.10.3-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-40303","Description":"","Metadata":{},"Name":"CVE-2022-40303","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-40303", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libxml2", + "NamespaceName": "wolfi:rolling", + "Version": "2.10.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-40303", + "Metadata": {}, + "Name": "CVE-2022-40303", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40304.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40304.json index 67631bfc..f964d898 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40304.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40304.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-40304","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"libxml2","Version":"2.10.3-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-40304","Description":"","Metadata":{},"Name":"CVE-2022-40304","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-40304", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "libxml2", + "NamespaceName": "wolfi:rolling", + "Version": "2.10.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-40304", + "Metadata": {}, + "Name": "CVE-2022-40304", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40674.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40674.json index cfb77d03..6b979b24 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40674.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-40674.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-40674","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"expat","Version":"2.4.9-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-40674","Description":"","Metadata":{},"Name":"CVE-2022-40674","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-40674", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "expat", + "NamespaceName": "wolfi:rolling", + "Version": "2.4.9-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-40674", + "Metadata": {}, + "Name": "CVE-2022-40674", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41716.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41716.json index 388ca91a..92354d81 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41716.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41716.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-41716","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"go","Version":"1.19.3-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41716","Description":"","Metadata":{},"Name":"CVE-2022-41716","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-41716", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go", + "NamespaceName": "wolfi:rolling", + "Version": "1.19.3-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41716", + "Metadata": {}, + "Name": "CVE-2022-41716", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41717.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41717.json index eef844ad..1a4f2ecc 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41717.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41717.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-41717","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"go","Version":"1.19.4-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41717","Description":"","Metadata":{},"Name":"CVE-2022-41717","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-41717", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go", + "NamespaceName": "wolfi:rolling", + "Version": "1.19.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41717", + "Metadata": {}, + "Name": "CVE-2022-41717", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41720.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41720.json index cf1edd4a..452a8e7f 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41720.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-41720.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-41720","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"go","Version":"1.19.4-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-41720","Description":"","Metadata":{},"Name":"CVE-2022-41720","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-41720", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "go", + "NamespaceName": "wolfi:rolling", + "Version": "1.19.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-41720", + "Metadata": {}, + "Name": "CVE-2022-41720", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42010.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42010.json index 1a1ac917..1fb45844 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42010.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42010.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-42010","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"dbus","Version":"1.14.4-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42010","Description":"","Metadata":{},"Name":"CVE-2022-42010","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-42010", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "dbus", + "NamespaceName": "wolfi:rolling", + "Version": "1.14.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42010", + "Metadata": {}, + "Name": "CVE-2022-42010", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42011.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42011.json index 197c0934..dc3a757a 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42011.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42011.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-42011","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"dbus","Version":"1.14.4-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42011","Description":"","Metadata":{},"Name":"CVE-2022-42011","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-42011", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "dbus", + "NamespaceName": "wolfi:rolling", + "Version": "1.14.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42011", + "Metadata": {}, + "Name": "CVE-2022-42011", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42012.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42012.json index d225c447..bbc70900 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42012.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42012.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-42012","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"dbus","Version":"1.14.4-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42012","Description":"","Metadata":{},"Name":"CVE-2022-42012","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-42012", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "dbus", + "NamespaceName": "wolfi:rolling", + "Version": "1.14.4-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42012", + "Metadata": {}, + "Name": "CVE-2022-42012", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42916.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42916.json index 9ef86bcc..16c02ccf 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42916.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-42916.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-42916","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"curl","Version":"7.86.0-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-42916","Description":"","Metadata":{},"Name":"CVE-2022-42916","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-42916", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "curl", + "NamespaceName": "wolfi:rolling", + "Version": "7.86.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-42916", + "Metadata": {}, + "Name": "CVE-2022-42916", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-43680.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-43680.json index 8f6f0010..f8c8af36 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-43680.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-43680.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-43680","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"expat","Version":"2.5.0-r0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-43680","Description":"","Metadata":{},"Name":"CVE-2022-43680","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-43680", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "expat", + "NamespaceName": "wolfi:rolling", + "Version": "2.5.0-r0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-43680", + "Metadata": {}, + "Name": "CVE-2022-43680", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-46908.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-46908.json index 1006d086..9609c150 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-46908.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2022-46908.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2022-46908","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"sqlite","Version":"3.40.0-r1","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2022-46908","Description":"","Metadata":{},"Name":"CVE-2022-46908","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2022-46908", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "sqlite", + "NamespaceName": "wolfi:rolling", + "Version": "3.40.0-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2022-46908", + "Metadata": {}, + "Name": "CVE-2022-46908", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28840.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28840.json index 1b3c5c84..6f763cc1 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28840.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28840.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-28840","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0.7.3-r1","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-28840","Description":"","Metadata":{},"Name":"CVE-2023-28840","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-28840", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0.7.3-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-28840", + "Metadata": {}, + "Name": "CVE-2023-28840", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28841.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28841.json index 1c8cd422..af661c9f 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28841.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28841.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-28841","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0.7.3-r1","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-28841","Description":"","Metadata":{},"Name":"CVE-2023-28841","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-28841", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0.7.3-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-28841", + "Metadata": {}, + "Name": "CVE-2023-28841", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28842.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28842.json index b2e4d515..9a6ddd5e 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28842.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-28842.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-28842","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0.7.3-r1","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-28842","Description":"","Metadata":{},"Name":"CVE-2023-28842","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-28842", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0.7.3-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-28842", + "Metadata": {}, + "Name": "CVE-2023-28842", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-30551.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-30551.json index 9b489107..ca3285f9 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-30551.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-30551.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-30551","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0.8.0-r1","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-30551","Description":"","Metadata":{},"Name":"CVE-2023-30551","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-30551", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0.8.0-r1", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-30551", + "Metadata": {}, + "Name": "CVE-2023-30551", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-39325.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-39325.json index ca3f3bba..2c3370fe 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-39325.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-39325.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-39325","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0.10.0-r6","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-39325","Description":"","Metadata":{},"Name":"CVE-2023-39325","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-39325", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0.10.0-r6", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-39325", + "Metadata": {}, + "Name": "CVE-2023-39325", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-3978.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-3978.json index 55465f18..45077745 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-3978.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-3978.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-3978","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0.10.0-r6","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-3978","Description":"","Metadata":{},"Name":"CVE-2023-3978","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-3978", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0.10.0-r6", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-3978", + "Metadata": {}, + "Name": "CVE-2023-3978", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45283.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45283.json index 064f08a5..a428b502 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45283.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45283.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-45283","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-45283","Description":"","Metadata":{},"Name":"CVE-2023-45283","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-45283", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-45283", + "Metadata": {}, + "Name": "CVE-2023-45283", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45284.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45284.json index e9bdd828..a2477525 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45284.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/CVE-2023-45284.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/CVE-2023-45284","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://www.cve.org/CVERecord?id=CVE-2023-45284","Description":"","Metadata":{},"Name":"CVE-2023-45284","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/CVE-2023-45284", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://www.cve.org/CVERecord?id=CVE-2023-45284", + "Metadata": {}, + "Name": "CVE-2023-45284", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +} diff --git a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/GHSA-jq35-85cj-fj4p.json b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/GHSA-jq35-85cj-fj4p.json index 93fc5811..c8f03fcb 100644 --- a/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/GHSA-jq35-85cj-fj4p.json +++ b/tests/unit/providers/wolfi/test-fixtures/snapshots/wolfi:rolling/GHSA-jq35-85cj-fj4p.json @@ -1 +1,23 @@ -{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"wolfi:rolling/GHSA-jq35-85cj-fj4p","item":{"Vulnerability":{"Severity":"Unknown","NamespaceName":"wolfi:rolling","FixedIn":[{"Name":"apko","Version":"0","VersionFormat":"apk","NamespaceName":"wolfi:rolling"}],"Link":"https://github.com/advisories/GHSA-jq35-85cj-fj4p","Description":"","Metadata":{},"Name":"GHSA-jq35-85cj-fj4p","CVSS":[]}}} +{ + "identifier": "wolfi:rolling/GHSA-jq35-85cj-fj4p", + "item": { + "Vulnerability": { + "CVSS": [], + "Description": "", + "FixedIn": [ + { + "Name": "apko", + "NamespaceName": "wolfi:rolling", + "Version": "0", + "VersionFormat": "apk" + } + ], + "Link": "https://github.com/advisories/GHSA-jq35-85cj-fj4p", + "Metadata": {}, + "Name": "GHSA-jq35-85cj-fj4p", + "NamespaceName": "wolfi:rolling", + "Severity": "Unknown" + } + }, + "schema": "https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json" +}