From 6f4b41fea304c6e64610cb8b10bcab3bf0697616 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20Goinvic?= Date: Fri, 5 Jul 2024 13:30:40 +0000 Subject: [PATCH] 2.19.0 --- Dockerfile.base | 2 +- .../starter-core/matrix_content_scanner.yaml | 4 +- .../base/starter-core/sliding_sync.yaml | 4 +- .../base/starter-core/synapse.yaml | 4 +- helm/operator/Chart.yaml | 4 +- helm/operator/source-values.yaml | 10 +- helm/operator/values.yaml | 10 +- helm/updater/Chart.yaml | 4 +- helm/updater/source-values.yaml | 10 +- ...mresourcedefinition-elementdeployment.yaml | 12 + helm/updater/values.yaml | 10 +- .../defaults/main/images.yml | 12 +- .../files/elementdeployment-schema.yaml | 12 + roles/elementdeployment/tasks/prepare.yml | 1 + .../tasks/prerequisites/all_secrets.yml | 2 + .../tasks/prerequisites/global_secret.yml | 1 + roles/generic_apply/tasks/main.yml | 4 + roles/synapse/tasks/bootstrap.yml | 1 + .../tasks/dependencies/registration_files.yml | 1 + roles/synapse/tasks/synapse_process.yml | 1 + roles/synapse/tasks/validation.yml | 2 + roles/teardown/tasks/main.yml | 3 + .../docker.io_library_haproxy:2.8-alpine.json | 78 +- ...ker.io_library_nginx:1.24-alpine-slim.json | 170 +- sboms/docker.io_library_redis:7.2-alpine.json | 282 +- ...ker.io_matrixdotorg_synapse:v1.110.0.json} | 4499 +++++++---------- ...ker.io_vectorim_element-web:v1.11.69.json} | 174 +- ...e-operator-conversion-webhook:2.19.0.json} | 368 +- ...io_vectorim_ess-core-operator:2.19.0.json} | 2468 ++++----- ...re-updater-conversion-webhook:2.19.0.json} | 368 +- ....io_vectorim_ess-core-updater:2.19.0.json} | 2472 ++++----- ...ectorim_matrix-content-scanner:v1.0.6.json | 338 +- ...o_element-hq_docker-clamav:1.1-patch2.json | 178 +- ...ker-icap:core-0.5.10-mod-0.5.5-patch2.json | 298 +- ....io_matrix-org_sliding-sync:v0.99.19.json} | 1171 ++--- ...ay.io_brancz_kube-rbac-proxy:v0.18.0.json} | 4123 ++++----------- 36 files changed, 7196 insertions(+), 9905 deletions(-) rename sboms/{docker.io_matrixdotorg_synapse:v1.107.0.json => docker.io_matrixdotorg_synapse:v1.110.0.json} (86%) rename sboms/{docker.io_vectorim_element-web:v1.11.68.json => docker.io_vectorim_element-web:v1.11.69.json} (93%) rename sboms/{docker.io_vectorim_ess-core-operator-conversion-webhook:2.18.6.json => docker.io_vectorim_ess-core-operator-conversion-webhook:2.19.0.json} (85%) rename sboms/{docker.io_vectorim_ess-core-operator:2.18.6.json => docker.io_vectorim_ess-core-operator:2.19.0.json} (90%) rename sboms/{docker.io_vectorim_ess-core-updater-conversion-webhook:2.18.6.json => docker.io_vectorim_ess-core-updater-conversion-webhook:2.19.0.json} (85%) rename sboms/{docker.io_vectorim_ess-core-updater:2.18.6.json => docker.io_vectorim_ess-core-updater:2.19.0.json} (90%) rename sboms/{ghcr.io_matrix-org_sliding-sync:v0.99.17.json => ghcr.io_matrix-org_sliding-sync:v0.99.19.json} (84%) rename sboms/{gcr.io_kubebuilder_kube-rbac-proxy:v0.14.1.json => quay.io_brancz_kube-rbac-proxy:v0.18.0.json} (50%) diff --git a/Dockerfile.base b/Dockerfile.base index 99d5e73..b9d329d 100644 --- a/Dockerfile.base +++ b/Dockerfile.base @@ -14,7 +14,7 @@ RUN apt update && apt install -y git make && \ cd /workspace && \ git clone https://github.com/element-hq/ansible-operator-plugins.git && \ cd ansible-operator-plugins && \ - git checkout gaelg/mark-unsafe-non-spec-object && \ + git checkout gaelg/mark-unsafe-non-spec-object-main && \ make build/ansible-operator && \ mv ./ansible-operator /usr/local/bin/ansible-operator && \ chmod +x /usr/local/bin/ansible-operator && /usr/local/bin/ansible-operator version diff --git a/config/crd/element-deployment/base/starter-core/matrix_content_scanner.yaml b/config/crd/element-deployment/base/starter-core/matrix_content_scanner.yaml index 1b0209b..c0235bf 100644 --- a/config/crd/element-deployment/base/starter-core/matrix_content_scanner.yaml +++ b/config/crd/element-deployment/base/starter-core/matrix_content_scanner.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 New Vector Ltd +# Copyright 2023-2024 New Vector Ltd # # SPDX-License-Identifier: AGPL-3.0-or-later @@ -8,6 +8,8 @@ value: type: object description: A web service for scanning media hosted on a Matrix media repository. + required: + - config properties: secretName: default: matrix-content-scanner diff --git a/config/crd/element-deployment/base/starter-core/sliding_sync.yaml b/config/crd/element-deployment/base/starter-core/sliding_sync.yaml index 754f8db..69303ab 100644 --- a/config/crd/element-deployment/base/starter-core/sliding_sync.yaml +++ b/config/crd/element-deployment/base/starter-core/sliding_sync.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 New Vector Ltd +# Copyright 2023-2024 New Vector Ltd # # SPDX-License-Identifier: AGPL-3.0-or-later @@ -9,6 +9,8 @@ value: type: object description: Sliding Sync is a backend component required by the Element X client beta. It provides a mechanism for the fast synchronisation of Matrix rooms. It is not recommended for production use and is only provide to enable the usage of the Element X client. The current version does not support SSO (OIDC/SAML/CAS). If you wish to try out the Element X client, then you need to be using password-based auth to allow Sliding Sync to work. SSO support (OIDC/SAML/CAS) will be added with a later version of the Sliding Sync tooling. + required: + - config properties: secretName: default: sliding-sync diff --git a/config/crd/element-deployment/base/starter-core/synapse.yaml b/config/crd/element-deployment/base/starter-core/synapse.yaml index 45bc2db..e3ae389 100644 --- a/config/crd/element-deployment/base/starter-core/synapse.yaml +++ b/config/crd/element-deployment/base/starter-core/synapse.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 New Vector Ltd +# Copyright 2023-2024 New Vector Ltd # # SPDX-License-Identifier: AGPL-3.0-or-later @@ -8,6 +8,8 @@ value: type: object description: This is a matrix homeserver. + required: + - config properties: secretName: default: synapse diff --git a/helm/operator/Chart.yaml b/helm/operator/Chart.yaml index 695f94d..7ca255b 100644 --- a/helm/operator/Chart.yaml +++ b/helm/operator/Chart.yaml @@ -20,9 +20,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.18.6 +version: 2.19.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 2.18.6 +appVersion: 2.19.0 diff --git a/helm/operator/source-values.yaml b/helm/operator/source-values.yaml index 797d047..3506a30 100644 --- a/helm/operator/source-values.yaml +++ b/helm/operator/source-values.yaml @@ -34,7 +34,7 @@ crds: imagePullPolicy: Always image: repository: docker.io/vectorim/ess-core-operator-conversion-webhook - tag: 2.18.6 + tag: 2.19.0 operator: extraPodSpec: securityContext: @@ -57,7 +57,7 @@ operator: - name: DEBUG_MANIFESTS value: "0" - name: ANSIBLE_VERBOSITY - value: "1" + value: "0" extraContainerSpec: securityContext: allowPrivilegeEscalation: false @@ -68,7 +68,7 @@ operator: imagePullPolicy: Always image: repository: docker.io/vectorim/ess-core-operator - tag: 2.18.6 + tag: 2.19.0 rbacProxy: resources: limits: @@ -90,5 +90,5 @@ operator: - ALL imagePullPolicy: Always image: - repository: gcr.io/kubebuilder/kube-rbac-proxy - tag: v0.14.1 + repository: quay.io/brancz/kube-rbac-proxy + tag: v0.18.0 diff --git a/helm/operator/values.yaml b/helm/operator/values.yaml index 2963d6a..f9dd308 100644 --- a/helm/operator/values.yaml +++ b/helm/operator/values.yaml @@ -34,7 +34,7 @@ crds: imagePullPolicy: Always image: repository: docker.io/vectorim/ess-core-operator-conversion-webhook - tag: 2.18.6 + tag: 2.19.0 operator: extraPodSpec: securityContext: @@ -57,7 +57,7 @@ operator: - name: DEBUG_MANIFESTS value: "0" - name: ANSIBLE_VERBOSITY - value: "1" + value: "0" extraContainerSpec: securityContext: allowPrivilegeEscalation: false @@ -68,7 +68,7 @@ operator: imagePullPolicy: Always image: repository: docker.io/vectorim/ess-core-operator - tag: 2.18.6 + tag: 2.19.0 rbacProxy: resources: limits: @@ -90,8 +90,8 @@ operator: - ALL imagePullPolicy: Always image: - repository: gcr.io/kubebuilder/kube-rbac-proxy - tag: v0.14.1 + repository: quay.io/brancz/kube-rbac-proxy + tag: v0.18.0 conversion-webhook: image: repository: "" diff --git a/helm/updater/Chart.yaml b/helm/updater/Chart.yaml index 30accf1..38d49e0 100644 --- a/helm/updater/Chart.yaml +++ b/helm/updater/Chart.yaml @@ -20,9 +20,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.18.6 +version: 2.19.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 2.18.6 +appVersion: 2.19.0 diff --git a/helm/updater/source-values.yaml b/helm/updater/source-values.yaml index 9e5e5f2..ed203ff 100644 --- a/helm/updater/source-values.yaml +++ b/helm/updater/source-values.yaml @@ -34,7 +34,7 @@ crds: imagePullPolicy: Always image: repository: docker.io/vectorim/ess-core-updater-conversion-webhook - tag: 2.18.6 + tag: 2.19.0 updater: extraPodSpec: securityContext: @@ -58,7 +58,7 @@ updater: - name: DEBUG_MANIFESTS value: "0" - name: ANSIBLE_VERBOSITY - value: "1" + value: "0" extraContainerSpec: securityContext: allowPrivilegeEscalation: false @@ -68,7 +68,7 @@ updater: - ALL image: repository: docker.io/vectorim/ess-core-updater - tag: 2.18.6 + tag: 2.19.0 rbacProxy: resources: limits: @@ -85,5 +85,5 @@ updater: - ALL imagePullPolicy: Always image: - repository: gcr.io/kubebuilder/kube-rbac-proxy - tag: v0.14.1 + repository: quay.io/brancz/kube-rbac-proxy + tag: v0.18.0 diff --git a/helm/updater/templates/customresourcedefinition-elementdeployment.yaml b/helm/updater/templates/customresourcedefinition-elementdeployment.yaml index 21511bb..720da6a 100644 --- a/helm/updater/templates/customresourcedefinition-elementdeployment.yaml +++ b/helm/updater/templates/customresourcedefinition-elementdeployment.yaml @@ -957,6 +957,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object slidingSync: description: Sliding Sync is a backend component required by the Element X client beta. It provides a mechanism for the fast synchronisation of Matrix rooms. It is not recommended for production use and is only provide to enable the usage of the Element X client. The current version does not support SSO (OIDC/SAML/CAS). If you wish to try out the Element X client, then you need to be using password-based auth to allow Sliding Sync to work. SSO support (OIDC/SAML/CAS) will be added with a later version of the Sliding Sync tooling. @@ -1314,6 +1316,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object synapse: description: This is a matrix homeserver. @@ -2122,6 +2126,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object wellKnownDelegation: description: This is a well known delegation file hosted as a static site. @@ -3615,6 +3621,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object slidingSync: description: Sliding Sync is a backend component required by the Element X client beta. It provides a mechanism for the fast synchronisation of Matrix rooms. It is not recommended for production use and is only provide to enable the usage of the Element X client. The current version does not support SSO (OIDC/SAML/CAS). If you wish to try out the Element X client, then you need to be using password-based auth to allow Sliding Sync to work. SSO support (OIDC/SAML/CAS) will be added with a later version of the Sliding Sync tooling. @@ -3972,6 +3980,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object synapse: description: This is a matrix homeserver. @@ -4780,6 +4790,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object wellKnownDelegation: description: This is a well known delegation file hosted as a static site. diff --git a/helm/updater/values.yaml b/helm/updater/values.yaml index 7ea403d..fb3c414 100644 --- a/helm/updater/values.yaml +++ b/helm/updater/values.yaml @@ -34,7 +34,7 @@ crds: imagePullPolicy: Always image: repository: docker.io/vectorim/ess-core-updater-conversion-webhook - tag: 2.18.6 + tag: 2.19.0 updater: extraPodSpec: securityContext: @@ -58,7 +58,7 @@ updater: - name: DEBUG_MANIFESTS value: "0" - name: ANSIBLE_VERBOSITY - value: "1" + value: "0" extraContainerSpec: securityContext: allowPrivilegeEscalation: false @@ -68,7 +68,7 @@ updater: - ALL image: repository: docker.io/vectorim/ess-core-updater - tag: 2.18.6 + tag: 2.19.0 rbacProxy: resources: limits: @@ -85,8 +85,8 @@ updater: - ALL imagePullPolicy: Always image: - repository: gcr.io/kubebuilder/kube-rbac-proxy - tag: v0.14.1 + repository: quay.io/brancz/kube-rbac-proxy + tag: v0.18.0 conversion-webhook: image: repository: "" diff --git a/roles/elementdeployment/defaults/main/images.yml b/roles/elementdeployment/defaults/main/images.yml index 81cdc69..43c542b 100644 --- a/roles/elementdeployment/defaults/main/images.yml +++ b/roles/elementdeployment/defaults/main/images.yml @@ -7,12 +7,12 @@ default_images_digests: element_web: image_repository_server: docker.io image_repository_path: vectorim/element-web - image_tag: v1.11.68 + image_tag: v1.11.69 kube_rbac_proxy: kube_rbac_proxy: - image_repository_server: gcr.io - image_repository_path: kubebuilder/kube-rbac-proxy - image_tag: v0.14.1 + image_repository_server: quay.io + image_repository_path: brancz/kube-rbac-proxy + image_tag: v0.18.0 matrix_content_scanner: icap: image_repository_server: ghcr.io @@ -30,7 +30,7 @@ default_images_digests: api: image_repository_server: ghcr.io image_repository_path: matrix-org/sliding-sync - image_tag: v0.99.17 + image_tag: v0.99.19 synapse: haproxy: image_repository_server: docker.io @@ -43,7 +43,7 @@ default_images_digests: synapse: image_repository_server: docker.io image_repository_path: matrixdotorg/synapse - image_tag: v1.107.0 + image_tag: v1.110.0 well_known_delegation: well_known_delegation: image_repository_server: docker.io diff --git a/roles/elementdeployment/files/elementdeployment-schema.yaml b/roles/elementdeployment/files/elementdeployment-schema.yaml index 4a96f36..fd74cf9 100644 --- a/roles/elementdeployment/files/elementdeployment-schema.yaml +++ b/roles/elementdeployment/files/elementdeployment-schema.yaml @@ -952,6 +952,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object slidingSync: description: Sliding Sync is a backend component required by the Element X client beta. It provides a mechanism for the fast synchronisation of Matrix rooms. It is not recommended for production use and is only provide to enable the usage of the Element X client. The current version does not support SSO (OIDC/SAML/CAS). If you wish to try out the Element X client, then you need to be using password-based auth to allow Sliding Sync to work. SSO support (OIDC/SAML/CAS) will be added with a later version of the Sliding Sync tooling. @@ -1309,6 +1311,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object synapse: description: This is a matrix homeserver. @@ -2117,6 +2121,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object wellKnownDelegation: description: This is a well known delegation file hosted as a static site. @@ -3610,6 +3616,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object slidingSync: description: Sliding Sync is a backend component required by the Element X client beta. It provides a mechanism for the fast synchronisation of Matrix rooms. It is not recommended for production use and is only provide to enable the usage of the Element X client. The current version does not support SSO (OIDC/SAML/CAS). If you wish to try out the Element X client, then you need to be using password-based auth to allow Sliding Sync to work. SSO support (OIDC/SAML/CAS) will be added with a later version of the Sliding Sync tooling. @@ -3967,6 +3975,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object synapse: description: This is a matrix homeserver. @@ -4775,6 +4785,8 @@ spec: maxLength: 253 pattern: ^[a-z0-9]([\-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([\-a-z0-9]*[a-z0-9])?)*$ type: string + required: + - config type: object wellKnownDelegation: description: This is a well known delegation file hosted as a static site. diff --git a/roles/elementdeployment/tasks/prepare.yml b/roles/elementdeployment/tasks/prepare.yml index b37425b..4c1c98c 100644 --- a/roles/elementdeployment/tasks/prepare.yml +++ b/roles/elementdeployment/tasks/prepare.yml @@ -38,3 +38,4 @@ {% endfor %} {% endif %} {% endfor %} + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" diff --git a/roles/elementdeployment/tasks/prerequisites/all_secrets.yml b/roles/elementdeployment/tasks/prerequisites/all_secrets.yml index 4b04cc3..a9b8909 100644 --- a/roles/elementdeployment/tasks/prerequisites/all_secrets.yml +++ b/roles/elementdeployment/tasks/prerequisites/all_secrets.yml @@ -16,6 +16,7 @@ }} block: - name: "Fetch all components secrets" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _all_secrets_yaml: | {% for item in _secret_names %} @@ -30,6 +31,7 @@ {% endfor %} - name: Build all secrets variable + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _all_secrets: >- {{ diff --git a/roles/elementdeployment/tasks/prerequisites/global_secret.yml b/roles/elementdeployment/tasks/prerequisites/global_secret.yml index ea56469..0c4c2fb 100644 --- a/roles/elementdeployment/tasks/prerequisites/global_secret.yml +++ b/roles/elementdeployment/tasks/prerequisites/global_secret.yml @@ -5,6 +5,7 @@ --- - name: Fetch global secret + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _global_secret: > {{ diff --git a/roles/generic_apply/tasks/main.yml b/roles/generic_apply/tasks/main.yml index 99d75cf..37ea367 100644 --- a/roles/generic_apply/tasks/main.yml +++ b/roles/generic_apply/tasks/main.yml @@ -5,6 +5,7 @@ --- - name: "Prepare Manifests" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: # These are strings each containing a single YAML document _individual_manifest_strings: > @@ -31,6 +32,7 @@ # Without this, null values are causing errors such as # spec.workloads.synapse: Invalid value: "null" spec.workloads.synapse in body must be of type object - name: "Construct Manifests" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: # These are objects after various processing has been done to them _prepared_manifest_objects: > @@ -70,6 +72,8 @@ when: _risky_manifest_objects | length > 0 - name: Maintain resources that support recreation + # Manifests are leaked due to index_var + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.include_tasks: "apply_then_recreate.yml" vars: # noqa: jinja[invalid] diff --git a/roles/synapse/tasks/bootstrap.yml b/roles/synapse/tasks/bootstrap.yml index 81e6225..ebe7477 100644 --- a/roles/synapse/tasks/bootstrap.yml +++ b/roles/synapse/tasks/bootstrap.yml @@ -5,6 +5,7 @@ --- - name: "Fetch Synapse main statefulset" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _synapse_main_sts: >- {{ diff --git a/roles/synapse/tasks/dependencies/registration_files.yml b/roles/synapse/tasks/dependencies/registration_files.yml index 163f642..9601017 100644 --- a/roles/synapse/tasks/dependencies/registration_files.yml +++ b/roles/synapse/tasks/dependencies/registration_files.yml @@ -36,6 +36,7 @@ # We make sure that all registration files have a registation.yaml key # and we build a list of hashes - name: "Lookup the registration files hashes" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _fetched_registration_files_hash: > {{ diff --git a/roles/synapse/tasks/synapse_process.yml b/roles/synapse/tasks/synapse_process.yml index 82f0bff..1f47836 100644 --- a/roles/synapse/tasks/synapse_process.yml +++ b/roles/synapse/tasks/synapse_process.yml @@ -5,6 +5,7 @@ --- - name: "Set specific_worker_yaml for {{ process_type }}" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: specific_worker_yaml: "{{ lookup('template', 'worker.yaml.j2') }}" diff --git a/roles/synapse/tasks/validation.yml b/roles/synapse/tasks/validation.yml index 6044509..5cec66f 100644 --- a/roles/synapse/tasks/validation.yml +++ b/roles/synapse/tasks/validation.yml @@ -5,6 +5,7 @@ --- - name: "Fetch Synapse secrets" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _fetched_synapse_secrets: >- {{ @@ -46,6 +47,7 @@ when: config.media.volume_claim | default("") | length > 0 block: - name: "Fetch Synapse media volume" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _synapse_media_volume_claim: >- {{ diff --git a/roles/teardown/tasks/main.yml b/roles/teardown/tasks/main.yml index 2bee791..6e0ecbf 100644 --- a/roles/teardown/tasks/main.yml +++ b/roles/teardown/tasks/main.yml @@ -5,6 +5,7 @@ --- - name: "Find unused resources" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" vars: _label_selectors: - "app.kubernetes.io/managed-by={{ kind_managed_by }}" @@ -33,6 +34,7 @@ # Doing as two step process for debugging - name: "Filter resources managed by this kind of CRD" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _teardown_candidates_with_correct_owner_kind: >- {{ _teardown_candidates @@ -46,6 +48,7 @@ query: "[?metadata.ownerReferences[?kind == `{{ kind_owner }}`]]" - name: "Remove resources under control of something not named {{ ansible_operator_meta.name }}" + no_log: "{{ lookup('env', 'DEBUG_MANIFESTS') | int != 1 }}" ansible.builtin.set_fact: _to_teardown: "{{ _teardown_candidates_with_correct_owner_kind | json_query(query) }}" vars: diff --git a/sboms/docker.io_library_haproxy:2.8-alpine.json b/sboms/docker.io_library_haproxy:2.8-alpine.json index 35d1f80..634cd21 100644 --- a/sboms/docker.io_library_haproxy:2.8-alpine.json +++ b/sboms/docker.io_library_haproxy:2.8-alpine.json @@ -1,18 +1,18 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:15821b65-3e78-4583-9bde-f392bc2441e1", + "specVersion": "1.6", + "serialNumber": "urn:uuid:8c6a4200-84dd-4934-9591-fe2cd5be09dc", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:53:43Z", + "timestamp": "2024-07-05T11:45:13Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, @@ -1959,7 +1959,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:5b03f479-72c2-4d44-84d9-19d0de57aa85", + "bom-ref": "urn:uuid:7d9194ed-a083-43bf-90f7-8c8d300009eb", "id": "CVE-2016-2102", "source": { "name": "nvd-cpe", @@ -2001,7 +2001,7 @@ ] }, { - "bom-ref": "urn:uuid:121d1dcf-9722-44ac-88f5-f973b3e23c57", + "bom-ref": "urn:uuid:986e6bb3-3ab8-4589-8303-5f0d9cd3dbce", "id": "CVE-2023-0056", "source": { "name": "nvd-cpe", @@ -2035,6 +2035,70 @@ "ref": "pkg:generic/haproxy@2.8.10?package-id=4c7f7a666f86d64d" } ] + }, + { + "bom-ref": "urn:uuid:2275955c-29e1-4953-b801-2ee820e810a0", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.3.1-r0?arch=x86_64&upstream=openssl&distro=alpine-3.20.1&package-id=a0d1447e2b233076" + } + ] + }, + { + "bom-ref": "urn:uuid:08d952f3-ccb9-44fa-8b45-0e5667189d36", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.3.1-r0?arch=x86_64&upstream=openssl&distro=alpine-3.20.1&package-id=256036fb4c0abaea" + } + ] } ] } diff --git a/sboms/docker.io_library_nginx:1.24-alpine-slim.json b/sboms/docker.io_library_nginx:1.24-alpine-slim.json index 49dd697..62bd091 100644 --- a/sboms/docker.io_library_nginx:1.24-alpine-slim.json +++ b/sboms/docker.io_library_nginx:1.24-alpine-slim.json @@ -1,18 +1,18 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:e21b210c-ea3d-494c-a88a-8eadf53a72fa", + "specVersion": "1.6", + "serialNumber": "urn:uuid:104173ab-f54e-48b9-bf72-0dff8316188a", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:53:46Z", + "timestamp": "2024-07-05T11:45:16Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, @@ -1888,7 +1888,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:936ecdac-a58d-4ab3-a7d5-eb3617a3c98a", + "bom-ref": "urn:uuid:c13a84a4-9b69-49fb-a98e-3faead81105d", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.17", @@ -1920,7 +1920,7 @@ ] }, { - "bom-ref": "urn:uuid:d8e71629-49ac-400c-8e61-830b5956fe39", + "bom-ref": "urn:uuid:266986b0-0009-4661-8061-0f86c62c0fe6", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.17", @@ -1952,7 +1952,7 @@ ] }, { - "bom-ref": "urn:uuid:c61f6bd8-32b7-40f2-a3a5-5aaa7856d9cc", + "bom-ref": "urn:uuid:e86bf356-bde0-4944-860d-3a5a010f4e21", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.17", @@ -1984,7 +1984,7 @@ ] }, { - "bom-ref": "urn:uuid:859ef2ec-b417-4898-ac5b-ec494c4cddcf", + "bom-ref": "urn:uuid:1ee1e12b-40f7-4543-9b46-24d300a6434a", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.17", @@ -2016,7 +2016,7 @@ ] }, { - "bom-ref": "urn:uuid:afd67836-b782-461d-a703-ea2120c00a10", + "bom-ref": "urn:uuid:4a1529c5-6276-4e23-9b6a-7427a9ee1d6c", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.17", @@ -2048,7 +2048,7 @@ ] }, { - "bom-ref": "urn:uuid:db8e289f-9307-4109-b88e-e7ae3e55e98d", + "bom-ref": "urn:uuid:7454df10-0977-4a9f-9ae1-1c55ba8dc418", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.17", @@ -2080,7 +2080,7 @@ ] }, { - "bom-ref": "urn:uuid:2065f063-dd1f-47cf-9d35-55d8c446abcb", + "bom-ref": "urn:uuid:a072655f-fc6c-484b-a495-42c4a849475d", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.17", @@ -2112,7 +2112,7 @@ ] }, { - "bom-ref": "urn:uuid:a2ddc599-72e9-41c3-84ea-516ebbaa2cc9", + "bom-ref": "urn:uuid:5e244e98-f689-4a52-ba86-a964064900ae", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.17", @@ -2144,7 +2144,7 @@ ] }, { - "bom-ref": "urn:uuid:7d3815aa-4d7c-4273-a5f5-b3afcd550035", + "bom-ref": "urn:uuid:36b9e5c3-f906-4174-9d5d-97aafd850525", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.17", @@ -2176,7 +2176,7 @@ ] }, { - "bom-ref": "urn:uuid:91a636d4-7786-4749-8d29-1f4ebd4a38a2", + "bom-ref": "urn:uuid:040d4399-87b1-4718-ac27-c8c19f988bd8", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.17", @@ -2208,7 +2208,7 @@ ] }, { - "bom-ref": "urn:uuid:11f9594b-3313-4d1a-99c0-43e816e7c891", + "bom-ref": "urn:uuid:3f4b8f90-8eb0-463b-98bc-9197f1812172", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.17", @@ -2240,7 +2240,7 @@ ] }, { - "bom-ref": "urn:uuid:a2831a17-4d22-4fdf-8cb1-48c77b62e583", + "bom-ref": "urn:uuid:e3927b37-aa74-4ea7-941a-b8e4770a9d4e", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.17", @@ -2272,7 +2272,7 @@ ] }, { - "bom-ref": "urn:uuid:0d6d813d-1d51-499e-b17b-f6bc1302704f", + "bom-ref": "urn:uuid:bed4b13e-691e-48e7-9947-11a28e556144", "id": "CVE-2024-2511", "source": { "name": "alpine-distro-alpine-3.17", @@ -2304,7 +2304,7 @@ ] }, { - "bom-ref": "urn:uuid:35d0fe99-c0a8-4fa6-b834-11f76c2a2cc3", + "bom-ref": "urn:uuid:66665d2a-d573-430f-9074-2ef54b65f2b3", "id": "CVE-2024-2511", "source": { "name": "alpine-distro-alpine-3.17", @@ -2336,7 +2336,7 @@ ] }, { - "bom-ref": "urn:uuid:18777ed0-0aeb-4432-8346-94837b02884d", + "bom-ref": "urn:uuid:bf0d02cb-af82-4f13-a1b5-e57ab62b5a07", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.17", @@ -2368,7 +2368,7 @@ ] }, { - "bom-ref": "urn:uuid:db9b832a-0b15-4358-8714-f0c305217c2d", + "bom-ref": "urn:uuid:29a97cf2-e307-4e9c-8ae0-daf811a30e2d", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.17", @@ -2398,6 +2398,134 @@ "ref": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a" } ] + }, + { + "bom-ref": "urn:uuid:dc83ce03-876c-4cb7-9912-6079dafa72c3", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789" + } + ] + }, + { + "bom-ref": "urn:uuid:d7f1722d-5d96-48c1-add0-3fda06fe4ee6", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a" + } + ] + }, + { + "bom-ref": "urn:uuid:7d1b404f-68b0-4ead-bf4e-b2fc9635c69e", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789" + } + ] + }, + { + "bom-ref": "urn:uuid:1d7c5660-c22d-4900-87dd-bbdaa2cdb28c", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a" + } + ] } ] } diff --git a/sboms/docker.io_library_redis:7.2-alpine.json b/sboms/docker.io_library_redis:7.2-alpine.json index e127c87..d94407a 100644 --- a/sboms/docker.io_library_redis:7.2-alpine.json +++ b/sboms/docker.io_library_redis:7.2-alpine.json @@ -1,18 +1,18 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:86c840db-bf2f-46e1-877d-b5ecb4cc5c11", + "specVersion": "1.6", + "serialNumber": "urn:uuid:9fe9ebcc-9457-4ea2-ae2e-8b088bc0bafc", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:53:49Z", + "timestamp": "2024-07-05T11:45:19Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, @@ -1810,11 +1810,19 @@ "pkg:apk/alpine/libssl3@3.3.1-r0?arch=x86_64&upstream=openssl&distro=alpine-3.20.1&package-id=256036fb4c0abaea", "pkg:apk/alpine/musl@1.2.5-r0?arch=x86_64&distro=alpine-3.20.1&package-id=3ea0974d202d0c73" ] + }, + { + "ref": "pkg:golang/github.com/tianon/gosu@(devel)?package-id=0028854aa5a73897", + "dependsOn": [ + "pkg:golang/github.com/moby/sys@v0.1.0?package-id=ee165e286debc751#user", + "pkg:golang/golang.org/x/sys@v0.13.0?package-id=a669bc14b34a9768", + "pkg:golang/stdlib@1.18.2?package-id=bd0350174db7828f" + ] } ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:5537c919-7699-44b3-8c9e-a19249f938b1", + "bom-ref": "urn:uuid:364fbda5-400f-4dad-b5c8-a524a1e3c59a", "id": "CVE-2022-1705", "source": { "name": "nvd-cpe", @@ -1865,7 +1873,7 @@ ] }, { - "bom-ref": "urn:uuid:208b14ce-c727-4e0e-8dc7-c11737f50d76", + "bom-ref": "urn:uuid:742e0deb-bfb6-4944-939c-a6de3fad840e", "id": "CVE-2022-1962", "source": { "name": "nvd-cpe", @@ -1913,7 +1921,7 @@ ] }, { - "bom-ref": "urn:uuid:4469e3bc-35c2-47cf-8239-204e72efc49c", + "bom-ref": "urn:uuid:193da893-d9c5-403b-b3c5-9e117f444e10", "id": "CVE-2022-27664", "source": { "name": "nvd-cpe", @@ -1964,7 +1972,7 @@ ] }, { - "bom-ref": "urn:uuid:b34602d6-0810-4ab6-8e9d-679eaaf7c83f", + "bom-ref": "urn:uuid:15f28737-9f95-4a83-bfcc-55af8b1d49d3", "id": "CVE-2022-28131", "source": { "name": "nvd-cpe", @@ -2012,7 +2020,7 @@ ] }, { - "bom-ref": "urn:uuid:5b7a4587-0401-49ff-a078-14da694c36ba", + "bom-ref": "urn:uuid:b4f8a630-f119-4234-84e6-1bf7a9497891", "id": "CVE-2022-2879", "source": { "name": "nvd-cpe", @@ -2060,7 +2068,7 @@ ] }, { - "bom-ref": "urn:uuid:a5e1d6ba-665a-4728-b2f0-666a9de30967", + "bom-ref": "urn:uuid:b65ede52-a8d2-43d3-8eb1-2572246653a5", "id": "CVE-2022-2880", "source": { "name": "nvd-cpe", @@ -2108,7 +2116,7 @@ ] }, { - "bom-ref": "urn:uuid:5a1c9faa-a9da-43ef-87db-9f1fca6106a7", + "bom-ref": "urn:uuid:97636e3b-1255-4702-a852-a96124104a38", "id": "CVE-2022-30580", "source": { "name": "nvd-cpe", @@ -2156,7 +2164,7 @@ ] }, { - "bom-ref": "urn:uuid:50ca605c-e287-4004-b4fd-9a108eca723c", + "bom-ref": "urn:uuid:47765734-8032-4ccd-ac04-e626f53f6e2f", "id": "CVE-2022-30629", "source": { "name": "nvd-cpe", @@ -2204,7 +2212,7 @@ ] }, { - "bom-ref": "urn:uuid:450cc81e-1c2a-468f-9bb3-f2e4d611b806", + "bom-ref": "urn:uuid:8ffcba1a-5850-45c3-a69c-2eeed0c714bb", "id": "CVE-2022-30630", "source": { "name": "nvd-cpe", @@ -2252,7 +2260,7 @@ ] }, { - "bom-ref": "urn:uuid:7de2ec84-1e3a-4656-a314-3f05a58598fc", + "bom-ref": "urn:uuid:7df44862-b8c0-494d-a3b6-c6dc0f01b6a7", "id": "CVE-2022-30631", "source": { "name": "nvd-cpe", @@ -2300,7 +2308,7 @@ ] }, { - "bom-ref": "urn:uuid:cc4c563a-89d7-4a6e-9ee8-31c7e6a52d1f", + "bom-ref": "urn:uuid:5acf7eb1-4cd0-4c0f-aac3-a250affbde6e", "id": "CVE-2022-30632", "source": { "name": "nvd-cpe", @@ -2348,7 +2356,7 @@ ] }, { - "bom-ref": "urn:uuid:ede6af3c-3c4b-49db-883a-b9af268a64c4", + "bom-ref": "urn:uuid:d4a1cc8b-9f19-4a58-ae98-c889116c7225", "id": "CVE-2022-30633", "source": { "name": "nvd-cpe", @@ -2396,7 +2404,7 @@ ] }, { - "bom-ref": "urn:uuid:2e0eb428-1495-4a76-8ed0-34d85ecef066", + "bom-ref": "urn:uuid:89ba1e38-0833-40a4-9654-d9048b075ebc", "id": "CVE-2022-30635", "source": { "name": "nvd-cpe", @@ -2444,7 +2452,7 @@ ] }, { - "bom-ref": "urn:uuid:dc175355-c33d-4946-b12a-dfb01bcc9f93", + "bom-ref": "urn:uuid:176834f5-bb3d-442c-844a-de678ac3b74f", "id": "CVE-2022-32148", "source": { "name": "nvd-cpe", @@ -2492,7 +2500,7 @@ ] }, { - "bom-ref": "urn:uuid:0defa397-dcea-4e5d-b7a9-e03c3d481792", + "bom-ref": "urn:uuid:f386af67-c704-490f-9d9e-82892db6f74f", "id": "CVE-2022-32189", "source": { "name": "nvd-cpe", @@ -2540,7 +2548,7 @@ ] }, { - "bom-ref": "urn:uuid:396a19d1-5452-4479-bdde-2effb3b8440e", + "bom-ref": "urn:uuid:87ec544a-6fb0-4ed7-bbea-4f0dd734feac", "id": "CVE-2022-41715", "source": { "name": "nvd-cpe", @@ -2588,7 +2596,7 @@ ] }, { - "bom-ref": "urn:uuid:3504b0ce-14ef-471c-8c1a-45c3ecf13c13", + "bom-ref": "urn:uuid:efacd2b0-c1a5-45d6-b297-031d51338644", "id": "CVE-2022-41717", "source": { "name": "nvd-cpe", @@ -2690,7 +2698,7 @@ ] }, { - "bom-ref": "urn:uuid:c2d6d336-eea4-4245-bebf-171b2cfb48ef", + "bom-ref": "urn:uuid:59faa09e-fa52-47c3-91fc-dddab7448d07", "id": "CVE-2022-41722", "source": { "name": "nvd-cpe", @@ -2735,7 +2743,7 @@ ] }, { - "bom-ref": "urn:uuid:5cb14c84-054c-48aa-9866-22591ad33cdd", + "bom-ref": "urn:uuid:2c7ef6db-62e2-418d-b8d0-324cb48bc057", "id": "CVE-2022-41723", "source": { "name": "nvd-cpe", @@ -2810,7 +2818,7 @@ ] }, { - "bom-ref": "urn:uuid:6097f562-1c90-4ed4-8cd6-6dc83af469b2", + "bom-ref": "urn:uuid:d736d0e8-a9cd-454c-b6c3-7930fe964760", "id": "CVE-2022-41724", "source": { "name": "nvd-cpe", @@ -2858,7 +2866,7 @@ ] }, { - "bom-ref": "urn:uuid:93c591fd-5580-4f75-acee-aa5fd3336840", + "bom-ref": "urn:uuid:f406c434-1157-443d-afba-ffe9d9a1a0d6", "id": "CVE-2022-41725", "source": { "name": "nvd-cpe", @@ -2906,7 +2914,52 @@ ] }, { - "bom-ref": "urn:uuid:221cf4d8-0721-4f3f-8c6b-790d5cdbe098", + "bom-ref": "urn:uuid:c63fbcce-7114-4546-b9d7-353986bdec10", + "id": "CVE-2023-24531", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24531" + }, + "references": [ + { + "id": "CVE-2023-24531", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24531" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "description": "Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is relatively minor because, in general, if an attacker can set arbitrary environment variables on a system, they have better attack vectors than making \"go env\" print them out.", + "advisories": [ + { + "url": "https://go.dev/cl/488375" + }, + { + "url": "https://go.dev/cl/493535" + }, + { + "url": "https://go.dev/issue/58508" + }, + { + "url": "https://groups.google.com/g/golang-dev/c/ixHOFpSbajE/m/8EjlbKVWAwAJ" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2962" + } + ], + "affects": [ + { + "ref": "pkg:golang/stdlib@1.18.2?package-id=bd0350174db7828f" + } + ] + }, + { + "bom-ref": "urn:uuid:a88e0954-f512-431a-96d2-c10d8dd71602", "id": "CVE-2023-24532", "source": { "name": "nvd-cpe", @@ -2951,7 +3004,7 @@ ] }, { - "bom-ref": "urn:uuid:c48f5358-da0f-474e-9abf-e1cbdf0dd3b3", + "bom-ref": "urn:uuid:2a2a198d-b25d-4bc7-8c4c-17fb24a40cd7", "id": "CVE-2023-24534", "source": { "name": "nvd-cpe", @@ -3002,7 +3055,7 @@ ] }, { - "bom-ref": "urn:uuid:babd5a6d-2d81-483f-bae9-ca8cccbe9c4d", + "bom-ref": "urn:uuid:f3898440-6e80-43d1-ab04-48f84887769f", "id": "CVE-2023-24536", "source": { "name": "nvd-cpe", @@ -3059,7 +3112,7 @@ ] }, { - "bom-ref": "urn:uuid:ae0dc84b-8041-4cdf-8397-c1ca8f0e3c48", + "bom-ref": "urn:uuid:776c9e96-0df1-4253-b9c4-2c1aa73137f6", "id": "CVE-2023-24537", "source": { "name": "nvd-cpe", @@ -3107,7 +3160,7 @@ ] }, { - "bom-ref": "urn:uuid:dbdfa868-9663-46a5-bac7-96148d0dfffc", + "bom-ref": "urn:uuid:b4544be2-0895-4ac2-ae1e-39d8313710a2", "id": "CVE-2023-24538", "source": { "name": "nvd-cpe", @@ -3155,7 +3208,7 @@ ] }, { - "bom-ref": "urn:uuid:32942165-6245-4e6f-81f9-7a945ba659c2", + "bom-ref": "urn:uuid:57e09d68-d2c9-42ab-a101-e71ca437b935", "id": "CVE-2023-24539", "source": { "name": "nvd-cpe", @@ -3200,7 +3253,7 @@ ] }, { - "bom-ref": "urn:uuid:e6af6ba7-32a1-4036-b117-7184e6ebc9b6", + "bom-ref": "urn:uuid:c7d7027b-f895-4c8a-8695-43897c7c109f", "id": "CVE-2023-24540", "source": { "name": "nvd-cpe", @@ -3245,7 +3298,7 @@ ] }, { - "bom-ref": "urn:uuid:dfec9900-32ea-42ad-aa33-fbf2cb1da3d7", + "bom-ref": "urn:uuid:bae37d62-58d0-4688-b961-a9b5cb50d219", "id": "CVE-2023-29400", "source": { "name": "nvd-cpe", @@ -3290,7 +3343,7 @@ ] }, { - "bom-ref": "urn:uuid:484c5af6-bc20-46da-815b-ba43044ed25c", + "bom-ref": "urn:uuid:b389207d-6a85-4575-98ca-7c4741d8fc61", "id": "CVE-2023-29402", "source": { "name": "nvd-cpe", @@ -3344,7 +3397,7 @@ ] }, { - "bom-ref": "urn:uuid:c7fc7f28-2ad8-4001-b675-01f68c8ab31e", + "bom-ref": "urn:uuid:df180864-976c-4c32-b1fb-32b623fa4581", "id": "CVE-2023-29403", "source": { "name": "nvd-cpe", @@ -3398,7 +3451,7 @@ ] }, { - "bom-ref": "urn:uuid:3e0d36e0-dd96-433f-9daa-039a2d4e0116", + "bom-ref": "urn:uuid:5d42b2ce-91a4-4162-a28c-6a970c12d4d7", "id": "CVE-2023-29404", "source": { "name": "nvd-cpe", @@ -3452,7 +3505,7 @@ ] }, { - "bom-ref": "urn:uuid:929fe75a-1d89-4a6b-8a8a-3e01f6cb3ab5", + "bom-ref": "urn:uuid:56048f0d-495b-4cd6-867a-5e89f89e581b", "id": "CVE-2023-29405", "source": { "name": "nvd-cpe", @@ -3506,7 +3559,7 @@ ] }, { - "bom-ref": "urn:uuid:76e133ea-de81-44dd-bfb4-de341a808175", + "bom-ref": "urn:uuid:6f2f4c3f-7bcd-4e46-97d1-49a9138ca9b9", "id": "CVE-2023-29406", "source": { "name": "nvd-cpe", @@ -3557,7 +3610,7 @@ ] }, { - "bom-ref": "urn:uuid:522771c4-853a-4f8b-ac37-f566d6e60088", + "bom-ref": "urn:uuid:f30cb75f-f036-4f31-82f4-8cbc1a5d3848", "id": "CVE-2023-29409", "source": { "name": "nvd-cpe", @@ -3608,7 +3661,7 @@ ] }, { - "bom-ref": "urn:uuid:a4405ac1-9d26-4389-a787-694cd95c7fcb", + "bom-ref": "urn:uuid:0675e1e9-6836-4f44-9f06-43a8ece9bae9", "id": "CVE-2023-39318", "source": { "name": "nvd-cpe", @@ -3659,7 +3712,7 @@ ] }, { - "bom-ref": "urn:uuid:a8860150-daa8-402a-8b1c-9c202cb80e7b", + "bom-ref": "urn:uuid:fce1365a-25d7-4fea-81db-2c37d42f1aeb", "id": "CVE-2023-39319", "source": { "name": "nvd-cpe", @@ -3710,7 +3763,7 @@ ] }, { - "bom-ref": "urn:uuid:3db0224f-d5fc-45ea-bd63-b2810cb28c74", + "bom-ref": "urn:uuid:9ca9894a-40de-44cb-ae74-82c0370afcdc", "id": "CVE-2023-39323", "source": { "name": "nvd-cpe", @@ -3770,7 +3823,7 @@ ] }, { - "bom-ref": "urn:uuid:5364adee-1578-4062-ade9-f530f32537f0", + "bom-ref": "urn:uuid:a7845a16-dd78-4836-8eb9-da5e8aba9e3b", "id": "CVE-2023-39326", "source": { "name": "nvd-cpe", @@ -3818,7 +3871,7 @@ ] }, { - "bom-ref": "urn:uuid:c64e4e0e-d87c-4b84-a50a-1fe237c06241", + "bom-ref": "urn:uuid:3e5f0b81-1f8b-4db2-ab7b-0f8ab8254366", "id": "CVE-2023-44487", "source": { "name": "nvd-cpe", @@ -4271,7 +4324,7 @@ ] }, { - "bom-ref": "urn:uuid:0190ac2e-b9b9-47b4-b99c-a73638a0c91f", + "bom-ref": "urn:uuid:95fd6657-dd3b-41b6-b833-cb7e2ff163a8", "id": "CVE-2023-45285", "source": { "name": "nvd-cpe", @@ -4319,7 +4372,7 @@ ] }, { - "bom-ref": "urn:uuid:4d3e711a-efd1-4ea4-9ff1-ef89c24ba9c0", + "bom-ref": "urn:uuid:a2a331e2-5417-4281-b46b-8a9043da8ccd", "id": "CVE-2023-45287", "source": { "name": "nvd-cpe", @@ -4370,7 +4423,7 @@ ] }, { - "bom-ref": "urn:uuid:4e8a8b39-e2cb-46a6-8fc7-7c192f813129", + "bom-ref": "urn:uuid:468103ac-a073-4276-8299-830d090bdf3d", "id": "CVE-2023-45288", "source": { "name": "nvd-cpe", @@ -4424,7 +4477,7 @@ ] }, { - "bom-ref": "urn:uuid:e6999964-0cbd-495b-baf5-5fc0f8188315", + "bom-ref": "urn:uuid:dfcaa47c-0ee0-474f-b9f5-33a7c8d38808", "id": "CVE-2023-45289", "source": { "name": "nvd-cpe", @@ -4472,7 +4525,7 @@ ] }, { - "bom-ref": "urn:uuid:a10631ed-ac59-4328-943d-755f53f80bc1", + "bom-ref": "urn:uuid:3d7d2aaf-af74-4d94-87f4-0646de6220e7", "id": "CVE-2023-45290", "source": { "name": "nvd-cpe", @@ -4520,7 +4573,7 @@ ] }, { - "bom-ref": "urn:uuid:c0f6e9c6-5d0d-4808-8eda-e55de04c5ad1", + "bom-ref": "urn:uuid:0b1ee49e-2b6c-4b6b-85ef-619a98791feb", "id": "CVE-2024-24783", "source": { "name": "nvd-cpe", @@ -4568,7 +4621,7 @@ ] }, { - "bom-ref": "urn:uuid:82d5053c-edee-48bd-a5d2-f5f1be143049", + "bom-ref": "urn:uuid:09579623-d645-4194-a86e-cd9236403aaa", "id": "CVE-2024-24784", "source": { "name": "nvd-cpe", @@ -4616,7 +4669,7 @@ ] }, { - "bom-ref": "urn:uuid:b9c1a4d5-e730-4062-8244-befc8c383c8b", + "bom-ref": "urn:uuid:a4bbb862-be09-41b4-9232-5470d06b97b8", "id": "CVE-2024-24785", "source": { "name": "nvd-cpe", @@ -4664,7 +4717,7 @@ ] }, { - "bom-ref": "urn:uuid:bc9e3d02-7062-48f4-b010-f29cd1525f0a", + "bom-ref": "urn:uuid:b60caf40-0fc6-4ced-b1d0-1a4962e61cfb", "id": "CVE-2024-24787", "source": { "name": "nvd-cpe", @@ -4681,7 +4734,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 6.4, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "description": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.", @@ -4712,7 +4768,7 @@ ] }, { - "bom-ref": "urn:uuid:88f51fca-599a-45d5-a82a-353daee737af", + "bom-ref": "urn:uuid:8ea7df7d-20b7-43d2-914d-71a019264b35", "id": "CVE-2024-24789", "source": { "name": "nvd-cpe", @@ -4733,6 +4789,12 @@ "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" + }, + { + "score": 5.3, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "description": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.", @@ -4763,7 +4825,7 @@ ] }, { - "bom-ref": "urn:uuid:72cc9def-e277-45df-b905-2c4fe8730ceb", + "bom-ref": "urn:uuid:814117b4-3982-4f1f-9c12-251484b5ceca", "id": "CVE-2024-24790", "source": { "name": "nvd-cpe", @@ -4809,6 +4871,112 @@ "ref": "pkg:golang/stdlib@1.18.2?package-id=bd0350174db7828f" } ] + }, + { + "bom-ref": "urn:uuid:6b23cc87-a7bf-4770-b129-364e6159c862", + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + }, + "references": [ + { + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "description": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.", + "advisories": [ + { + "url": "https://go.dev/cl/591255" + }, + { + "url": "https://go.dev/issue/67555" + }, + { + "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2963" + } + ], + "affects": [ + { + "ref": "pkg:golang/stdlib@1.18.2?package-id=bd0350174db7828f" + } + ] + }, + { + "bom-ref": "urn:uuid:abc7f063-cf15-4026-8799-61b081cc72e0", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.3.1-r0?arch=x86_64&upstream=openssl&distro=alpine-3.20.1&package-id=a0d1447e2b233076" + } + ] + }, + { + "bom-ref": "urn:uuid:edb31571-683d-4080-b88e-904b83e4af5f", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.20", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.3.1-r0?arch=x86_64&upstream=openssl&distro=alpine-3.20.1&package-id=256036fb4c0abaea" + } + ] } ] } diff --git a/sboms/docker.io_matrixdotorg_synapse:v1.107.0.json b/sboms/docker.io_matrixdotorg_synapse:v1.110.0.json similarity index 86% rename from sboms/docker.io_matrixdotorg_synapse:v1.107.0.json rename to sboms/docker.io_matrixdotorg_synapse:v1.110.0.json index 363f1b6..8253b38 100644 --- a/sboms/docker.io_matrixdotorg_synapse:v1.107.0.json +++ b/sboms/docker.io_matrixdotorg_synapse:v1.110.0.json @@ -1,31 +1,31 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:952b245b-af82-4b93-9a6b-2d870c8bd304", + "specVersion": "1.6", + "serialNumber": "urn:uuid:ff22bef8-d7e6-47f5-920c-c326f5a7504b", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:53:59Z", + "timestamp": "2024-07-05T11:45:29Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "72207d8a7ab5f494", + "bom-ref": "d4dc2fa69b959278", "type": "container", - "name": "docker.io/matrixdotorg/synapse:v1.107.0", - "version": "v1.107.0" + "name": "docker.io/matrixdotorg/synapse:v1.110.0", + "version": "v1.110.0" }, "properties": [ { "name": "syft:image:labels:gitsha1", - "value": "ecf4e0674c9a027aec253adaca89ed260700224b" + "value": "75b788f49f005bbc70b459d30913f1f7abf847cb" }, { "name": "syft:image:labels:org.opencontainers.image.documentation", @@ -45,17 +45,17 @@ }, { "name": "syft:image:labels:org.opencontainers.image.version", - "value": "1.107.0" + "value": "1.110.0" } ] }, "components": [ { - "bom-ref": "pkg:pypi/authlib@1.3.0?package-id=e6bc97b6a00065d3", + "bom-ref": "pkg:pypi/authlib@1.3.1?package-id=4b098fcc867931cf", "type": "library", "author": "Hsiaoming Yang ", "name": "Authlib", - "version": "1.3.0", + "version": "1.3.1", "licenses": [ { "license": { @@ -63,8 +63,8 @@ } } ], - "cpe": "cpe:2.3:a:hsiaoming_yang_\\", "name": "PyICU", - "version": "2.13", + "version": "2.13.1", "licenses": [ { "license": { @@ -602,8 +587,8 @@ } } ], - "cpe": "cpe:2.3:a:andi_vajda_project:python-PyICU:2.13:*:*:*:*:*:*:*", - "purl": "pkg:pypi/PyICU@2.13", + "cpe": "cpe:2.3:a:andi_vajda_project:python-PyICU:2.13.1:*:*:*:*:*:*:*", + "purl": "pkg:pypi/PyICU@2.13.1", "properties": [ { "name": "syft:package:foundBy", @@ -623,143 +608,143 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajda_project:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajda_project:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajdaproject:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajdaproject:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajdaproject:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajdaproject:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajda_project:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajda_project:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajda_project:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajda_project:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-PyICU:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-PyICU:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-PyICU:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-PyICU:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_PyICU:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_PyICU:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_PyICU:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_PyICU:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajdaproject:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajdaproject:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajdaproject:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajdaproject:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajda_project:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajda_project:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajda:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajda:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajda:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajda:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajdaproject:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajdaproject:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajda_project:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajda_project:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:PyICU:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:PyICU:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:PyICU:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:PyICU:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-PyICU:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-PyICU:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_PyICU:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_PyICU:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajda:python-PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajda:python-PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajda:python_PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajda:python_PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajdaproject:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajdaproject:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:andi_vajda:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:andi_vajda:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:PyICU:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:PyICU:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:vajda:PyICU:2.13:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:vajda:PyICU:2.13.1:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/PyICU-2.13.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/PyICU-2.13.1.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/PyICU-2.13.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/PyICU-2.13.1.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/PyICU-2.13.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/PyICU-2.13.1.dist-info/top_level.txt" } ] }, @@ -925,7 +910,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -933,7 +918,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -941,7 +926,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -1099,7 +1084,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -1107,7 +1092,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -1115,7 +1100,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -1237,7 +1222,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -1245,7 +1230,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -1253,7 +1238,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -1287,7 +1272,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -1321,7 +1306,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -1355,7 +1340,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -1389,7 +1374,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -1423,7 +1408,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -1457,7 +1442,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -1591,7 +1576,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -1599,7 +1584,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -1642,7 +1627,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -1650,7 +1635,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -1658,7 +1643,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -1666,7 +1651,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -1893,7 +1878,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -1901,7 +1886,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -1954,7 +1939,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -1962,7 +1947,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -1970,7 +1955,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -1978,7 +1963,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -2116,7 +2101,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -2124,7 +2109,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -2133,11 +2118,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=430b452649ec6d58", + "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=c41d0eaedae01b93", "type": "library", "publisher": "Santiago Vila ", "name": "base-files", - "version": "12.4+deb12u5", + "version": "12.4+deb12u6", "licenses": [ { "license": { @@ -2145,8 +2130,8 @@ } } ], - "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12", + "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -2162,27 +2147,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -2190,7 +2175,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -2198,7 +2183,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -2206,7 +2191,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -2273,7 +2258,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -2281,7 +2266,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -2289,7 +2274,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -2302,11 +2287,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/bash@5.2.15-2%2Bb2?arch=amd64&upstream=bash%405.2.15-2&distro=debian-12&package-id=7076d057ab25a499", + "bom-ref": "pkg:deb/debian/bash@5.2.15-2%2Bb7?arch=amd64&upstream=bash%405.2.15-2&distro=debian-12&package-id=f715edd1e555e041", "type": "library", "publisher": "Matthias Klose ", "name": "bash", - "version": "5.2.15-2+b2", + "version": "5.2.15-2+b7", "licenses": [ { "license": { @@ -2359,8 +2344,8 @@ } } ], - "cpe": "cpe:2.3:a:bash:bash:5.2.15-2\\+b2:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/bash@5.2.15-2%2Bb2?arch=amd64&upstream=bash%405.2.15-2&distro=debian-12", + "cpe": "cpe:2.3:a:bash:bash:5.2.15-2\\+b7:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/bash@5.2.15-2%2Bb7?arch=amd64&upstream=bash%405.2.15-2&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -2376,7 +2361,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -2384,7 +2369,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -2392,7 +2377,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -2400,7 +2385,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -2421,11 +2406,11 @@ ] }, { - "bom-ref": "pkg:pypi/bcrypt@4.1.2?package-id=086ec223ad78ee72", + "bom-ref": "pkg:pypi/bcrypt@4.1.3?package-id=058e0dcb45454756", "type": "library", "author": "The Python Cryptographic Authority developers ", "name": "bcrypt", - "version": "4.1.2", + "version": "4.1.3", "licenses": [ { "license": { @@ -2433,8 +2418,8 @@ } } ], - "cpe": "cpe:2.3:a:python_cryptographic_authority_developers_\\", "name": "cryptography", - "version": "42.0.5", + "version": "42.0.7", "licenses": [ { "expression": "Apache-2.0 OR BSD-3-Clause" } ], - "cpe": "cpe:2.3:a:cryptography_project:cryptography:42.0.5:*:*:*:*:python:*:*", - "purl": "pkg:pypi/cryptography@42.0.5", + "cpe": "cpe:2.3:a:cryptography_project:cryptography:42.0.7:*:*:*:*:python:*:*", + "purl": "pkg:pypi/cryptography@42.0.7", "properties": [ { "name": "syft:package:foundBy", @@ -3834,40 +3819,40 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-cryptography_project:python-cryptography:42.0.5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-cryptography_project:python-cryptography:42.0.7:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/cryptography-42.0.5.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/cryptography-42.0.7.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/cryptography-42.0.5.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/cryptography-42.0.7.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/cryptography-42.0.5.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/cryptography-42.0.7.dist-info/top_level.txt" } ] }, { - "bom-ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=60eb7e4999f74148", + "bom-ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=004f2529fac224aa", "type": "library", "publisher": "Alessandro Ghedini ", "name": "curl", - "version": "7.88.1-10+deb12u5", + "version": "7.88.1-10+deb12u6", "licenses": [ { "license": { @@ -3920,8 +3905,8 @@ } } ], - "cpe": "cpe:2.3:a:curl:curl:7.88.1-10\\+deb12u5:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?arch=amd64&distro=debian-12", + "cpe": "cpe:2.3:a:curl:curl:7.88.1-10\\+deb12u6:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u6?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -3937,7 +3922,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -3945,7 +3930,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -3953,7 +3938,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -4010,7 +3995,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -4018,7 +4003,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -4026,7 +4011,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -4068,7 +4053,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -4076,7 +4061,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -4084,7 +4069,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -4092,7 +4077,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -4170,7 +4155,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -4178,7 +4163,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -4186,7 +4171,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -4194,7 +4179,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -4251,7 +4236,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -4259,7 +4244,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -4267,7 +4252,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -4429,7 +4414,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -4437,7 +4422,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -4445,7 +4430,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -4558,7 +4543,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -4566,7 +4551,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -4574,7 +4559,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -4631,7 +4616,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -4639,7 +4624,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -4647,7 +4632,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -4655,7 +4640,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -4737,7 +4722,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -4745,7 +4730,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -4753,7 +4738,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -4761,7 +4746,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -4923,7 +4908,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -4931,7 +4916,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -4939,7 +4924,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -5067,7 +5052,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -5075,7 +5060,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -5083,7 +5068,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -5186,7 +5171,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -5194,7 +5179,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -5202,7 +5187,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -5244,7 +5229,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -5265,11 +5250,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/gosu@1.14-1%2Bb6?arch=amd64&upstream=gosu%401.14-1&distro=debian-12&package-id=bcf91fe2d75046e8", + "bom-ref": "pkg:deb/debian/gosu@1.14-1%2Bb10?arch=amd64&upstream=gosu%401.14-1&distro=debian-12&package-id=5fd9f0b2905edbf7", "type": "library", "publisher": "pkg-go ", "name": "gosu", - "version": "1.14-1+b6", + "version": "1.14-1+b10", "licenses": [ { "license": { @@ -5287,8 +5272,8 @@ } } ], - "cpe": "cpe:2.3:a:gosu:gosu:1.14-1\\+b6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/gosu@1.14-1%2Bb6?arch=amd64&upstream=gosu%401.14-1&distro=debian-12", + "cpe": "cpe:2.3:a:gosu:gosu:1.14-1\\+b10:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/gosu@1.14-1%2Bb10?arch=amd64&upstream=gosu%401.14-1&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -5304,7 +5289,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -5312,7 +5297,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -5320,7 +5305,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -5425,7 +5410,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -5433,7 +5418,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -5441,7 +5426,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -5492,7 +5477,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -5500,7 +5485,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -5508,7 +5493,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -5570,7 +5555,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -5578,7 +5563,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -5586,7 +5571,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -5748,7 +5733,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -5756,7 +5741,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -5764,7 +5749,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -5802,7 +5787,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -5810,7 +5795,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -5818,7 +5803,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -5907,7 +5892,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -5915,7 +5900,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -5923,7 +5908,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -6081,7 +6066,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -6089,7 +6074,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -6097,7 +6082,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -6224,7 +6209,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -6232,7 +6217,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -6390,7 +6375,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -6398,7 +6383,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -6406,7 +6391,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -6415,11 +6400,11 @@ ] }, { - "bom-ref": "pkg:pypi/immutabledict@4.1.0?package-id=9d6259f524390a35", + "bom-ref": "pkg:pypi/immutabledict@4.2.0?package-id=1b2d61e8134d9b21", "type": "library", "author": "Corentin Garcia ", "name": "immutabledict", - "version": "4.1.0", + "version": "4.2.0", "licenses": [ { "license": { @@ -6427,8 +6412,8 @@ } } ], - "cpe": "cpe:2.3:a:corentin_garcia_project:python-immutabledict:4.1.0:*:*:*:*:*:*:*", - "purl": "pkg:pypi/immutabledict@4.1.0", + "cpe": "cpe:2.3:a:corentin_garcia_project:python-immutabledict:4.2.0:*:*:*:*:*:*:*", + "purl": "pkg:pypi/immutabledict@4.2.0", "properties": [ { "name": "syft:package:foundBy", @@ -6448,135 +6433,135 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garcia_project:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garcia_project:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garciaproject:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garciaproject:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garciaproject:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garciaproject:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-immutabledict:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-immutabledict:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-immutabledict:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-immutabledict:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_immutabledict:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_immutabledict:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_immutabledict:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_immutabledict:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corenting_project:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corenting_project:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corenting_project:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corenting_project:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garcia_project:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garcia_project:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentingproject:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentingproject:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentingproject:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentingproject:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garcia:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garcia:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garcia:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garcia:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garciaproject:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garciaproject:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:immutabledict:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:immutabledict:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:immutabledict:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:immutabledict:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-immutabledict:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-immutabledict:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_immutabledict:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_immutabledict:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corenting_project:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corenting_project:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corenting:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corenting:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corenting:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corenting:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentingproject:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentingproject:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corentin_garcia:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corentin_garcia:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:immutabledict:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:immutabledict:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:corenting:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:corenting:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:immutabledict:4.1.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:immutabledict:4.2.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/immutabledict-4.1.0.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/immutabledict-4.2.0.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/immutabledict-4.1.0.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/immutabledict-4.2.0.dist-info/RECORD" } ] }, @@ -6657,7 +6642,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -6665,7 +6650,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -6673,7 +6658,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -6757,7 +6742,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -6765,7 +6750,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -6773,7 +6758,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -7039,7 +7024,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -7047,7 +7032,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -7055,7 +7040,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -7189,7 +7174,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -7197,7 +7182,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -7475,7 +7460,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -7483,7 +7468,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -7641,7 +7626,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -7649,7 +7634,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -7657,7 +7642,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -7710,7 +7695,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -7718,7 +7703,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -7726,7 +7711,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -7807,7 +7792,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -7815,7 +7800,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -7823,7 +7808,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -7884,7 +7869,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -7892,7 +7877,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -7900,7 +7885,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -7908,7 +7893,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -7984,7 +7969,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -7992,7 +7977,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8000,7 +7985,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -8008,7 +7993,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -8064,7 +8049,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8072,7 +8057,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8080,7 +8065,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8201,7 +8186,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8209,7 +8194,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8217,7 +8202,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8263,7 +8248,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -8271,7 +8256,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -8279,7 +8264,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8354,7 +8339,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8362,7 +8347,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8370,7 +8355,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8445,7 +8430,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8453,7 +8438,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8461,7 +8446,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -8469,7 +8454,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -8520,7 +8505,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8528,7 +8513,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8536,7 +8521,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -8544,7 +8529,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -8630,7 +8615,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8638,7 +8623,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8646,7 +8631,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8706,7 +8691,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8714,7 +8699,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8722,7 +8707,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8824,7 +8809,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8832,7 +8817,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8840,7 +8825,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8879,7 +8864,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -8887,7 +8872,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -8895,7 +8880,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -8912,11 +8897,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u5?arch=amd64&upstream=curl&distro=debian-12&package-id=3425ee7723f69b83", + "bom-ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u6?arch=amd64&upstream=curl&distro=debian-12&package-id=f9f0a840b5701b6c", "type": "library", "publisher": "Alessandro Ghedini ", "name": "libcurl4", - "version": "7.88.1-10+deb12u5", + "version": "7.88.1-10+deb12u6", "licenses": [ { "license": { @@ -8969,8 +8954,8 @@ } } ], - "cpe": "cpe:2.3:a:libcurl4:libcurl4:7.88.1-10\\+deb12u5:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u5?arch=amd64&upstream=curl&distro=debian-12", + "cpe": "cpe:2.3:a:libcurl4:libcurl4:7.88.1-10\\+deb12u6:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u6?arch=amd64&upstream=curl&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -8986,7 +8971,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -8994,7 +8979,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -9002,7 +8987,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9010,7 +8995,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "843" + "value": "839" }, { "name": "syft:metadata:source", @@ -9098,7 +9083,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9106,7 +9091,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9114,7 +9099,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9170,7 +9155,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9178,7 +9163,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9186,7 +9171,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9232,7 +9217,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -9240,7 +9225,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -9248,7 +9233,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9334,7 +9319,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9342,7 +9327,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9350,7 +9335,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9426,7 +9411,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9434,7 +9419,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9442,7 +9427,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9533,7 +9518,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9541,7 +9526,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9549,7 +9534,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9600,7 +9585,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9608,7 +9593,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9616,7 +9601,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9678,7 +9663,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -9686,7 +9671,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -9694,7 +9679,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9765,7 +9750,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9773,7 +9758,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9781,7 +9766,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9798,11 +9783,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab", + "bom-ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u3?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=e285c9d302b29acf", "type": "library", "publisher": "Debian GnuTLS Maintainers ", "name": "libgnutls30", - "version": "3.7.9-2+deb12u2", + "version": "3.7.9-2+deb12u3", "licenses": [ { "license": { @@ -9870,8 +9855,8 @@ } } ], - "cpe": "cpe:2.3:a:libgnutls30:libgnutls30:3.7.9-2\\+deb12u2:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12", + "cpe": "cpe:2.3:a:libgnutls30:libgnutls30:3.7.9-2\\+deb12u3:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u3?arch=amd64&upstream=gnutls28&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -9887,7 +9872,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -9895,7 +9880,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -9903,7 +9888,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -9911,7 +9896,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "3381" + "value": "3382" }, { "name": "syft:metadata:source", @@ -9994,7 +9979,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -10002,7 +9987,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -10010,7 +9995,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10092,7 +10077,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -10100,7 +10085,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -10108,7 +10093,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10204,7 +10189,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -10212,7 +10197,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -10220,7 +10205,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10271,7 +10256,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -10279,7 +10264,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -10287,7 +10272,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10383,7 +10368,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -10391,7 +10376,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -10399,7 +10384,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10474,7 +10459,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -10482,7 +10467,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -10490,7 +10475,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10576,7 +10561,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -10584,7 +10569,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -10592,7 +10577,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10638,7 +10623,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -10646,7 +10631,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -10654,7 +10639,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10715,7 +10700,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -10723,7 +10708,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -10731,7 +10716,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10797,7 +10782,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -10805,7 +10790,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -10813,7 +10798,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -10859,7 +10844,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -10867,7 +10852,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -10875,7 +10860,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11052,7 +11037,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -11060,7 +11045,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -11068,7 +11053,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11229,7 +11214,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -11237,7 +11222,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -11245,7 +11230,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11253,7 +11238,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -11329,7 +11314,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -11337,7 +11322,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -11345,7 +11330,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11456,7 +11441,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -11464,7 +11449,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -11472,7 +11457,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11553,7 +11538,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -11561,7 +11546,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -11569,7 +11554,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11690,7 +11675,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -11698,7 +11683,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -11706,7 +11691,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11762,7 +11747,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -11770,7 +11755,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -11778,7 +11763,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11874,7 +11859,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -11882,7 +11867,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -11890,7 +11875,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -11981,7 +11966,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -11989,7 +11974,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -11997,7 +11982,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -12108,7 +12093,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -12116,7 +12101,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -12124,7 +12109,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -12225,7 +12210,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -12233,7 +12218,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -12241,7 +12226,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -12357,7 +12342,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -12365,7 +12350,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -12373,7 +12358,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -12381,7 +12366,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -12513,7 +12498,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -12521,7 +12506,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -12529,7 +12514,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -12645,7 +12630,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -12653,7 +12638,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -12661,7 +12646,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -12669,7 +12654,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -12765,7 +12750,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -12773,7 +12758,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -12781,7 +12766,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -12883,7 +12868,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -12891,7 +12876,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -12899,7 +12884,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -12916,11 +12901,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libpq5@15.6-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12&package-id=b91f13e24096c1ff", + "bom-ref": "pkg:deb/debian/libpq5@15.7-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12&package-id=67555d5d1cc5af29", "type": "library", "publisher": "Debian PostgreSQL Maintainers ", "name": "libpq5", - "version": "15.6-0+deb12u1", + "version": "15.7-0+deb12u1", "licenses": [ { "license": { @@ -12978,8 +12963,8 @@ } } ], - "cpe": "cpe:2.3:a:libpq5:libpq5:15.6-0\\+deb12u1:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libpq5@15.6-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12", + "cpe": "cpe:2.3:a:libpq5:libpq5:15.7-0\\+deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libpq5@15.7-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -12995,7 +12980,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -13003,7 +12988,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -13011,7 +12996,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13019,7 +13004,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "850" + "value": "851" }, { "name": "syft:metadata:source", @@ -13067,7 +13052,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -13075,7 +13060,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -13083,7 +13068,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13159,7 +13144,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -13167,7 +13152,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -13175,7 +13160,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13226,7 +13211,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -13234,7 +13219,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -13242,7 +13227,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13402,7 +13387,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -13410,7 +13395,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -13418,7 +13403,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13574,7 +13559,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -13582,7 +13567,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -13590,7 +13575,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13762,7 +13747,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -13770,7 +13755,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -13778,7 +13763,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13795,11 +13780,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libseccomp2@2.5.4-1%2Bb3?arch=amd64&upstream=libseccomp%402.5.4-1&distro=debian-12&package-id=a6922f8e0f890c0e", + "bom-ref": "pkg:deb/debian/libseccomp2@2.5.4-1%2Bdeb12u1?arch=amd64&upstream=libseccomp&distro=debian-12&package-id=86bffae363f30eaf", "type": "library", "publisher": "Kees Cook ", "name": "libseccomp2", - "version": "2.5.4-1+b3", + "version": "2.5.4-1+deb12u1", "licenses": [ { "license": { @@ -13807,8 +13792,8 @@ } } ], - "cpe": "cpe:2.3:a:libseccomp2:libseccomp2:2.5.4-1\\+b3:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libseccomp2@2.5.4-1%2Bb3?arch=amd64&upstream=libseccomp%402.5.4-1&distro=debian-12", + "cpe": "cpe:2.3:a:libseccomp2:libseccomp2:2.5.4-1\\+deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libseccomp2@2.5.4-1%2Bdeb12u1?arch=amd64&upstream=libseccomp&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -13824,7 +13809,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -13832,7 +13817,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -13840,7 +13825,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13848,15 +13833,11 @@ }, { "name": "syft:metadata:installedSize", - "value": "149" + "value": "148" }, { "name": "syft:metadata:source", "value": "libseccomp" - }, - { - "name": "syft:metadata:sourceVersion", - "value": "2.5.4-1" } ] }, @@ -13895,7 +13876,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -13903,7 +13884,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -13911,7 +13892,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -13986,7 +13967,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -13994,7 +13975,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -14002,7 +13983,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -14010,7 +13991,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -14061,7 +14042,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -14069,7 +14050,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -14077,7 +14058,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14147,7 +14128,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -14155,7 +14136,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -14163,7 +14144,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14284,7 +14265,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -14292,7 +14273,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -14300,7 +14281,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14376,7 +14357,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -14384,7 +14365,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -14392,7 +14373,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14478,7 +14459,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -14486,7 +14467,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -14494,7 +14475,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14560,7 +14541,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -14568,7 +14549,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -14576,7 +14557,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14597,11 +14578,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b", + "bom-ref": "pkg:deb/debian/libssl-dev@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=1c425c6617d0cc1b", "type": "library", "publisher": "Debian OpenSSL Team ", "name": "libssl-dev", - "version": "3.0.11-1~deb12u2", + "version": "3.0.13-1~deb12u1", "licenses": [ { "license": { @@ -14624,8 +14605,8 @@ } } ], - "cpe": "cpe:2.3:a:libssl-dev:libssl-dev:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12", + "cpe": "cpe:2.3:a:libssl-dev:libssl-dev:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libssl-dev@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -14641,27 +14622,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl-dev:libssl_dev:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl-dev:libssl_dev:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl_dev:libssl-dev:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl_dev:libssl-dev:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl_dev:libssl_dev:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl_dev:libssl_dev:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl:libssl-dev:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl:libssl-dev:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl:libssl_dev:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl:libssl_dev:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -14669,7 +14650,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -14677,7 +14658,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14685,7 +14666,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "12314" + "value": "12336" }, { "name": "syft:metadata:source", @@ -14694,11 +14675,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe", + "bom-ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57", "type": "library", "publisher": "Debian OpenSSL Team ", "name": "libssl3", - "version": "3.0.11-1~deb12u2", + "version": "3.0.13-1~deb12u1", "licenses": [ { "license": { @@ -14721,8 +14702,8 @@ } } ], - "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12", + "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -14738,7 +14719,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:146826fa3ca090520765c1cee50f779ead1662bfd94d413cff5b9ba519b23a7a" + "value": "sha256:50f6a0461e4a180f5ab27f384fa0dc806d913642bbf4dad0db61ac39f5ef8510" }, { "name": "syft:location:0:path", @@ -14746,7 +14727,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:146826fa3ca090520765c1cee50f779ead1662bfd94d413cff5b9ba519b23a7a" + "value": "sha256:50f6a0461e4a180f5ab27f384fa0dc806d913642bbf4dad0db61ac39f5ef8510" }, { "name": "syft:location:1:path", @@ -14754,7 +14735,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14762,7 +14743,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "6010" + "value": "6008" }, { "name": "syft:metadata:source", @@ -14825,7 +14806,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -14833,7 +14814,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -14841,7 +14822,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -14858,11 +14839,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22", + "bom-ref": "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e", "type": "library", "publisher": "Debian systemd Maintainers ", "name": "libsystemd0", - "version": "252.22-1~deb12u1", + "version": "252.26-1~deb12u2", "licenses": [ { "license": { @@ -14900,8 +14881,8 @@ } } ], - "cpe": "cpe:2.3:a:libsystemd0:libsystemd0:252.22-1\\~deb12u1:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12", + "cpe": "cpe:2.3:a:libsystemd0:libsystemd0:252.26-1\\~deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -14917,7 +14898,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -14925,7 +14906,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -14933,7 +14914,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15014,7 +14995,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -15022,7 +15003,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -15030,7 +15011,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15082,7 +15063,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -15090,7 +15071,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -15098,7 +15079,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15174,7 +15155,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -15182,7 +15163,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -15190,7 +15171,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:2:path", @@ -15198,7 +15179,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -15254,7 +15235,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -15262,7 +15243,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -15270,7 +15251,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15287,11 +15268,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b", + "bom-ref": "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba", "type": "library", "publisher": "Debian systemd Maintainers ", "name": "libudev1", - "version": "252.22-1~deb12u1", + "version": "252.26-1~deb12u2", "licenses": [ { "license": { @@ -15329,8 +15310,8 @@ } } ], - "cpe": "cpe:2.3:a:libudev1:libudev1:252.22-1\\~deb12u1:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12", + "cpe": "cpe:2.3:a:libudev1:libudev1:252.26-1\\~deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -15346,7 +15327,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -15354,7 +15335,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -15362,7 +15343,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15453,7 +15434,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -15461,7 +15442,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -15469,7 +15450,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15590,7 +15571,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -15598,7 +15579,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -15606,7 +15587,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15652,7 +15633,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -15660,7 +15641,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -15668,7 +15649,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15719,7 +15700,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -15727,7 +15708,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -15735,7 +15716,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15770,7 +15751,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -15778,7 +15759,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -15786,7 +15767,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15845,7 +15826,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -15853,7 +15834,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -15861,7 +15842,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15900,7 +15881,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -15908,7 +15889,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -15916,7 +15897,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -15967,7 +15948,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -15975,7 +15956,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -15983,7 +15964,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -16044,7 +16025,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -16052,7 +16033,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -16060,7 +16041,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -16126,7 +16107,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -16134,7 +16115,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -16142,7 +16123,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -16150,7 +16131,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -16240,7 +16221,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -16248,7 +16229,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -16256,7 +16237,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -16273,11 +16254,11 @@ ] }, { - "bom-ref": "pkg:pypi/lxml@5.2.1?package-id=66bde09d6eed7778", + "bom-ref": "pkg:pypi/lxml@5.2.2?package-id=95ad55180191608d", "type": "library", "author": "lxml dev team ", "name": "lxml", - "version": "5.2.1", + "version": "5.2.2", "licenses": [ { "license": { @@ -16285,8 +16266,8 @@ } } ], - "cpe": "cpe:2.3:a:lxml:lxml:5.2.1:*:*:*:*:*:*:*", - "purl": "pkg:pypi/lxml@5.2.1", + "cpe": "cpe:2.3:a:lxml:lxml:5.2.2:*:*:*:*:*:*:*", + "purl": "pkg:pypi/lxml@5.2.2", "properties": [ { "name": "syft:package:foundBy", @@ -16306,27 +16287,27 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/lxml-5.2.1.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/lxml-5.2.2.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/lxml-5.2.1.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/lxml-5.2.2.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/lxml-5.2.1.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/lxml-5.2.2.dist-info/top_level.txt" } ] }, @@ -16487,7 +16468,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -16495,7 +16476,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -16503,7 +16484,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -16512,11 +16493,11 @@ ] }, { - "bom-ref": "pkg:pypi/matrix-synapse@1.107.0?package-id=fb4e40be237e1434", + "bom-ref": "pkg:pypi/matrix-synapse@1.110.0?package-id=cfbc3e8ff9b0777b", "type": "library", "author": "Matrix.org Team and Contributors ", "name": "matrix-synapse", - "version": "1.107.0", + "version": "1.110.0", "licenses": [ { "license": { @@ -16524,8 +16505,8 @@ } } ], - "cpe": "cpe:2.3:a:matrix_org_team_and_contributors_project:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*", - "purl": "pkg:pypi/matrix-synapse@1.107.0", + "cpe": "cpe:2.3:a:matrix_org_team_and_contributors_project:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*", + "purl": "pkg:pypi/matrix-synapse@1.110.0", "externalReferences": [ { "url": "file:///synapse", @@ -16551,247 +16532,247 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributors_project:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributors_project:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributors_project:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributors_project:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributors_project:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributors_project:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributors:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributors:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributors:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributors:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributorsproject:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributors:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributors:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org_team_and_contributors:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org_team_and_contributors:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix-synapse:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix-synapse:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix-synapse:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix-synapse:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix_synapse:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix_synapse:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix_synapse:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix_synapse:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages_project:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages_project:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages_project:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages_project:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packagesproject:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packagesproject:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packagesproject:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packagesproject:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix-synapse:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix-synapse:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix-synapse:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix-synapse:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_synapse:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_synapse:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_synapse:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_synapse:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix-synapse:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix-synapse:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix-synapse:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix-synapse:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix_synapse:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix_synapse:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix_synapse:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix_synapse:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages_project:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages_project:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages_project:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages_project:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packagesproject:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packagesproject:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packagesproject:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packagesproject:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix-synapse:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix-synapse:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix-synapse:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix-synapse:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_synapse:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_synapse:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_synapse:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_synapse:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-matrix:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-matrix:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_matrix:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_matrix:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:packages:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:packages:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:matrix-synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:matrix-synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:matrix_synapse:1.107.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:matrix_synapse:1.110.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/matrix_synapse-1.107.0.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/matrix_synapse-1.110.0.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/matrix_synapse-1.107.0.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/matrix_synapse-1.110.0.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/matrix_synapse-1.107.0.dist-info/direct_url.json" + "value": "/usr/local/lib/python3.11/site-packages/matrix_synapse-1.110.0.dist-info/direct_url.json" } ] }, @@ -17016,7 +16997,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -17024,7 +17005,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -17032,7 +17013,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -17080,7 +17061,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -17088,7 +17069,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -17096,7 +17077,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -17213,7 +17194,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -17221,7 +17202,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -17229,7 +17210,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -17246,11 +17227,11 @@ ] }, { - "bom-ref": "pkg:pypi/msgpack@1.0.7?package-id=a43ec6ac4cb5fa07", + "bom-ref": "pkg:pypi/msgpack@1.0.8?package-id=fa44af608fd85080", "type": "library", "author": "Inada Naoki ", "name": "msgpack", - "version": "1.0.7", + "version": "1.0.8", "licenses": [ { "license": { @@ -17258,8 +17239,8 @@ } } ], - "cpe": "cpe:2.3:a:inada_naoki_\\, Stefan Nordhausen ", "name": "netaddr", - "version": "1.2.1", + "version": "1.3.0", "licenses": [ { "license": { @@ -17600,8 +17581,8 @@ } } ], - "cpe": "cpe:2.3:a:\\\"david_p__d__moss\\\"_\\", "name": "openssl", - "version": "3.0.11-1~deb12u2", + "version": "3.0.13-1~deb12u1", "licenses": [ { "license": { @@ -17831,8 +17812,8 @@ } } ], - "cpe": "cpe:2.3:a:openssl:openssl:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12", + "cpe": "cpe:2.3:a:openssl:openssl:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -17848,7 +17829,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:146826fa3ca090520765c1cee50f779ead1662bfd94d413cff5b9ba519b23a7a" + "value": "sha256:50f6a0461e4a180f5ab27f384fa0dc806d913642bbf4dad0db61ac39f5ef8510" }, { "name": "syft:location:0:path", @@ -17856,7 +17837,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:146826fa3ca090520765c1cee50f779ead1662bfd94d413cff5b9ba519b23a7a" + "value": "sha256:50f6a0461e4a180f5ab27f384fa0dc806d913642bbf4dad0db61ac39f5ef8510" }, { "name": "syft:location:1:path", @@ -17864,7 +17845,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:146826fa3ca090520765c1cee50f779ead1662bfd94d413cff5b9ba519b23a7a" + "value": "sha256:50f6a0461e4a180f5ab27f384fa0dc806d913642bbf4dad0db61ac39f5ef8510" }, { "name": "syft:location:2:path", @@ -17872,7 +17853,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -17880,7 +17861,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "2291" + "value": "2294" } ] }, @@ -18022,7 +18003,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -18030,7 +18011,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -18038,7 +18019,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -18047,13 +18028,13 @@ ] }, { - "bom-ref": "pkg:pypi/packaging@24.0?package-id=378523aaeb134b7a", + "bom-ref": "pkg:pypi/packaging@24.1?package-id=f2e2d68144a73aaf", "type": "library", "author": "Donald Stufft ", "name": "packaging", - "version": "24.0", - "cpe": "cpe:2.3:a:donald_stufft_\\", "name": "phonenumbers", - "version": "8.13.35", + "version": "8.13.39", "licenses": [ { "license": { @@ -18640,8 +18621,8 @@ } } ], - "cpe": "cpe:2.3:a:david_drysdale_project:python-phonenumbers:8.13.35:*:*:*:*:*:*:*", - "purl": "pkg:pypi/phonenumbers@8.13.35", + "cpe": "cpe:2.3:a:david_drysdale_project:python-phonenumbers:8.13.39:*:*:*:*:*:*:*", + "purl": "pkg:pypi/phonenumbers@8.13.39", "properties": [ { "name": "syft:package:foundBy", @@ -18661,143 +18642,143 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdale_project:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdale_project:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdaleproject:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdaleproject:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdaleproject:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdaleproject:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-phonenumbers:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-phonenumbers:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-phonenumbers:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-phonenumbers:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_phonenumbers:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_phonenumbers:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_phonenumbers:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_phonenumbers:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdale_project:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdale_project:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdale:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdale:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdale:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdale:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdaleproject:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdaleproject:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:phonenumbers:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:phonenumbers:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:phonenumbers:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:phonenumbers:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-phonenumbers:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-phonenumbers:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_phonenumbers:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_phonenumbers:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmd_project:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmd_project:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmd_project:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmd_project:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmdproject:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmdproject:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmdproject:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmdproject:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:david_drysdale:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:david_drysdale:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:phonenumbers:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:phonenumbers:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmd_project:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmd_project:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmd:python-phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmd:python-phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmd:python_phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmd:python_phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmdproject:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmdproject:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:dmd:phonenumbers:8.13.35:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:dmd:phonenumbers:8.13.39:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/phonenumbers-8.13.35.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/phonenumbers-8.13.39.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/phonenumbers-8.13.35.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/phonenumbers-8.13.39.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/phonenumbers-8.13.35.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/phonenumbers-8.13.39.dist-info/top_level.txt" } ] }, @@ -18927,7 +18908,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -18935,7 +18916,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -18943,7 +18924,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -19089,7 +19070,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -19097,7 +19078,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:1:path", @@ -19105,7 +19086,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:2:path", @@ -19114,11 +19095,11 @@ ] }, { - "bom-ref": "pkg:pypi/prometheus-client@0.19.0?package-id=d6132aa8e91b7147", + "bom-ref": "pkg:pypi/prometheus-client@0.20.0?package-id=6f6e619ec0644646", "type": "library", "author": "Brian Brazil ", - "name": "prometheus-client", - "version": "0.19.0", + "name": "prometheus_client", + "version": "0.20.0", "licenses": [ { "license": { @@ -19126,8 +19107,8 @@ } } ], - "cpe": "cpe:2.3:a:python-prometheus-client:python-prometheus-client:0.19.0:*:*:*:*:*:*:*", - "purl": "pkg:pypi/prometheus-client@0.19.0", + "cpe": "cpe:2.3:a:python-prometheus-client:python-prometheus-client:0.20.0:*:*:*:*:*:*:*", + "purl": "pkg:pypi/prometheus_client@0.20.0", "properties": [ { "name": "syft:package:foundBy", @@ -19147,220 +19128,288 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-prometheus-client:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus-client:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python-prometheus-client:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python-prometheus_client:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python-prometheus_client:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python-prometheus_client:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python_prometheus_client:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python_prometheus_client:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python_prometheus_client:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:brian_brazil_project:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:brian_brazil_project:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:brian_brazil_project:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:brian_brazilproject:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:brian_brazilproject:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:brian_brazilproject:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:prometheus-client:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:prometheus-client:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus_client:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus-client:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus_client:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus_client:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil_project:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus_client:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil_project:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus_client:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazilproject:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus-client:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazilproject:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus-client:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus-client:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus-client:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus_client:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus_client:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus_client:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-prometheus-client:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus_client:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-prometheus-client:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_prometheus:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-prometheus:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_prometheus:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-prometheus:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_prometheus:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_prometheus_client:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_prometheus_client:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus_client:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazil_project:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus_client:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazil_project:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil_project:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian-brazil:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil_project:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian-brazil:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian-brazil:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian-brazil:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian-brazil:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazil:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazil:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazil:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazilproject:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazilproject:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazilproject:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazilproject:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus-client:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus-client:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus-client:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus-client:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus_client:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus_client:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus_client:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-prometheus:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus_client:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-prometheus:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-prometheus:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_prometheus:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_prometheus:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_prometheus:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian-brazil:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian-brazil:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian-brazil:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brian_brazil:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian-brazil:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazil:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brian_brazil:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:prometheus-client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus:prometheus-client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:prometheus_client:0.19.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus:prometheus_client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python:prometheus-client:0.20.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:python:prometheus_client:0.20.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/prometheus_client-0.19.0.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/prometheus_client-0.20.0.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/prometheus_client-0.19.0.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/prometheus_client-0.20.0.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/prometheus_client-0.19.0.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/prometheus_client-0.20.0.dist-info/top_level.txt" } ] }, { - "bom-ref": "pkg:pypi/psycopg2@2.9.9?package-id=ddf6c1f50338d268", + "bom-ref": "pkg:pypi/psycopg2@2.9.9?package-id=f43f9646bc245be5", "type": "library", "author": "Federico Di Gregorio ", "name": "psycopg2", @@ -19509,7 +19558,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -19517,7 +19566,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -19525,7 +19574,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -19568,7 +19617,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -19576,7 +19625,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -19584,7 +19633,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -19597,11 +19646,11 @@ ] }, { - "bom-ref": "pkg:pypi/pyopenssl@24.0.0?package-id=71e26fa6e24f7be5", + "bom-ref": "pkg:pypi/pyopenssl@24.1.0?package-id=279064ccf7920dc4", "type": "library", "author": "The pyOpenSSL developers ", "name": "pyOpenSSL", - "version": "24.0.0", + "version": "24.1.0", "licenses": [ { "license": { @@ -19609,8 +19658,8 @@ } } ], - "cpe": "cpe:2.3:a:pyopenssl_developers_project:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*", - "purl": "pkg:pypi/pyOpenSSL@24.0.0", + "cpe": "cpe:2.3:a:pyopenssl_developers_project:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*", + "purl": "pkg:pypi/pyOpenSSL@24.1.0", "properties": [ { "name": "syft:package:foundBy", @@ -19630,164 +19679,164 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developers_project:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developers_project:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developersproject:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developersproject:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developersproject:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developersproject:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_dev_project:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_dev_project:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_dev_project:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_dev_project:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_devproject:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_devproject:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_devproject:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_devproject:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developers_project:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developers_project:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developers:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developers:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developers:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developers:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developersproject:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developersproject:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_dev_project:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_dev_project:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography-dev:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography-dev:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography-dev:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography-dev:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_dev:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_dev:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_dev:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_dev:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_devproject:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_devproject:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-pyOpenSSL:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-pyOpenSSL:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-pyOpenSSL:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-pyOpenSSL:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_pyOpenSSL:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_pyOpenSSL:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_pyOpenSSL:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_pyOpenSSL:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyopenssl_developers:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyopenssl_developers:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography-dev:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography-dev:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_dev:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:cryptography_dev:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyOpenSSL:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyOpenSSL:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyOpenSSL:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyOpenSSL:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-pyOpenSSL:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-pyOpenSSL:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_pyOpenSSL:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_pyOpenSSL:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyOpenSSL:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyOpenSSL:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:pyOpenSSL:24.0.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:pyOpenSSL:24.1.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/pyOpenSSL-24.0.0.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/pyOpenSSL-24.1.0.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/pyOpenSSL-24.0.0.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/pyOpenSSL-24.1.0.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/pyOpenSSL-24.0.0.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/pyOpenSSL-24.1.0.dist-info/top_level.txt" } ] }, { - "bom-ref": "pkg:pypi/pyasn1@0.5.1?package-id=e3a64670a5ce9ca8", + "bom-ref": "pkg:pypi/pyasn1@0.6.0?package-id=0af623814bbe3748", "type": "library", "author": "Ilya Etingof ", "name": "pyasn1", - "version": "0.5.1", + "version": "0.6.0", "licenses": [ { "license": { @@ -19795,8 +19844,8 @@ } } ], - "cpe": "cpe:2.3:a:ilya_etingof_project:python-pyasn1:0.5.1:*:*:*:*:*:*:*", - "purl": "pkg:pypi/pyasn1@0.5.1", + "cpe": "cpe:2.3:a:ilya_etingof_project:python-pyasn1:0.6.0:*:*:*:*:*:*:*", + "purl": "pkg:pypi/pyasn1@0.6.0", "properties": [ { "name": "syft:package:foundBy", @@ -19816,143 +19865,143 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingof_project:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingof_project:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingofproject:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingofproject:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingofproject:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingofproject:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingof_project:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingof_project:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingof_project:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingof_project:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingofproject:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingofproject:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingofproject:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingofproject:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingof_project:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingof_project:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-pyasn1:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-pyasn1:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-pyasn1:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-pyasn1:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_pyasn1:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_pyasn1:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_pyasn1:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_pyasn1:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingof:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingof:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingof:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingof:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingofproject:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingofproject:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingof_project:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingof_project:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingof:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingof:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingof:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingof:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingofproject:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingofproject:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyasn1:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyasn1:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyasn1:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyasn1:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-pyasn1:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-pyasn1:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_pyasn1:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_pyasn1:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ilya_etingof:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ilya_etingof:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:etingof:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:etingof:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:pyasn1:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:pyasn1:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:pyasn1:0.5.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:pyasn1:0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/pyasn1-0.5.1.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/pyasn1-0.6.0.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/pyasn1-0.5.1.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/pyasn1-0.6.0.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/pyasn1-0.5.1.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/pyasn1-0.6.0.dist-info/top_level.txt" } ] }, @@ -20286,7 +20335,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -20294,7 +20343,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -20302,7 +20351,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -20460,7 +20509,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -20468,7 +20517,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -20476,7 +20525,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -20610,7 +20659,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -20618,7 +20667,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -20916,7 +20965,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -20924,7 +20973,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -21094,7 +21143,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -21102,7 +21151,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -21110,7 +21159,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -21268,7 +21317,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -21276,7 +21325,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -21285,7 +21334,7 @@ ] }, { - "bom-ref": "pkg:generic/python@3.11.9?package-id=f05400c986d3d1b5", + "bom-ref": "pkg:generic/python@3.11.9?package-id=c31c14f1edce3c84", "type": "application", "name": "python", "version": "3.11.9", @@ -21314,7 +21363,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -21322,7 +21371,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -21432,7 +21481,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -21440,7 +21489,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -21448,7 +21497,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -21606,7 +21655,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -21614,7 +21663,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -21622,7 +21671,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -21710,7 +21759,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:0:path", @@ -21718,7 +21767,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3069e121245c22894170eeff3d76666ab8e63a42b86dd2e566ae0498a2f229bc" + "value": "sha256:ebf00c0c4b3a9a964ea7cd690c92fe94a721aca97412d8a0650b83b6905713ec" }, { "name": "syft:location:1:path", @@ -21726,7 +21775,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -21892,7 +21941,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -21900,7 +21949,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -21909,20 +21958,20 @@ ] }, { - "bom-ref": "pkg:pypi/requests@2.31.0?package-id=4c2f455bc9f27f0d", + "bom-ref": "pkg:pypi/requests@2.32.2?package-id=b8c732b179193e4b", "type": "library", "author": "Kenneth Reitz ", "name": "requests", - "version": "2.31.0", + "version": "2.32.2", "licenses": [ { "license": { - "name": "Apache 2.0" + "id": "Apache-2.0" } } ], - "cpe": "cpe:2.3:a:python:requests:2.31.0:*:*:*:*:*:*:*", - "purl": "pkg:pypi/requests@2.31.0", + "cpe": "cpe:2.3:a:python:requests:2.32.2:*:*:*:*:*:*:*", + "purl": "pkg:pypi/requests@2.32.2", "properties": [ { "name": "syft:package:foundBy", @@ -21942,27 +21991,27 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/requests-2.31.0.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/requests-2.32.2.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/requests-2.31.0.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/requests-2.32.2.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/requests-2.31.0.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/requests-2.32.2.dist-info/top_level.txt" } ] }, @@ -22220,7 +22269,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -22228,7 +22277,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -22306,7 +22355,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -22314,7 +22363,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -22322,7 +22371,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -22556,7 +22605,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -22564,7 +22613,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -22572,7 +22621,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -22581,11 +22630,11 @@ ] }, { - "bom-ref": "pkg:pypi/sentry-sdk@1.40.3?package-id=0dabbb168f9f932a", + "bom-ref": "pkg:pypi/sentry-sdk@2.6.0?package-id=2c6dfc441167a608", "type": "library", "author": "Sentry Team and Contributors ", "name": "sentry-sdk", - "version": "1.40.3", + "version": "2.6.0", "licenses": [ { "license": { @@ -22593,8 +22642,8 @@ } } ], - "cpe": "cpe:2.3:a:sentry:sentry_software_development_kit:1.40.3:*:*:*:*:python:*:*", - "purl": "pkg:pypi/sentry-sdk@1.40.3", + "cpe": "cpe:2.3:a:sentry:sentry_software_development_kit:2.6.0:*:*:*:*:python:*:*", + "purl": "pkg:pypi/sentry-sdk@2.6.0", "properties": [ { "name": "syft:package:foundBy", @@ -22614,27 +22663,27 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/sentry_sdk-1.40.3.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/sentry_sdk-2.6.0.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/sentry_sdk-1.40.3.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/sentry_sdk-2.6.0.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/sentry_sdk-1.40.3.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/sentry_sdk-2.6.0.dist-info/top_level.txt" } ] }, @@ -22860,7 +22909,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -22868,7 +22917,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -22910,7 +22959,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -22918,7 +22967,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:1:path", @@ -22926,7 +22975,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:2:path", @@ -22968,7 +23017,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -22976,7 +23025,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -22984,7 +23033,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -23214,7 +23263,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -23222,7 +23271,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -23230,7 +23279,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -23315,7 +23364,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -23323,7 +23372,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -23331,7 +23380,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -23489,7 +23538,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -23497,7 +23546,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -23505,7 +23554,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -23663,7 +23712,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -23671,7 +23720,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -23679,7 +23728,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -23716,7 +23765,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -23788,7 +23837,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -23796,7 +23845,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -23804,7 +23853,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -23875,7 +23924,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -23883,7 +23932,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -23891,7 +23940,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -24053,7 +24102,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -24061,7 +24110,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -24069,7 +24118,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -24078,7 +24127,7 @@ ] }, { - "bom-ref": "pkg:pypi/thrift@0.16.0?package-id=ab98b30c835316a8", + "bom-ref": "pkg:pypi/thrift@0.16.0?package-id=cb67494dd1e83bb7", "type": "library", "author": "Apache Thrift Developers ", "name": "thrift", @@ -24227,7 +24276,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -24235,7 +24284,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -24243,7 +24292,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -24252,11 +24301,11 @@ ] }, { - "bom-ref": "pkg:pypi/tornado@6.4?package-id=7b272900ad605ca6", + "bom-ref": "pkg:pypi/tornado@6.4.1?package-id=14fa5c9dc368ac35", "type": "library", "author": "Facebook ", "name": "tornado", - "version": "6.4", + "version": "6.4.1", "licenses": [ { "license": { @@ -24264,8 +24313,8 @@ } } ], - "cpe": "cpe:2.3:a:python_tornado_project:python-tornado:6.4:*:*:*:*:*:*:*", - "purl": "pkg:pypi/tornado@6.4", + "cpe": "cpe:2.3:a:python_tornado_project:python-tornado:6.4.1:*:*:*:*:*:*:*", + "purl": "pkg:pypi/tornado@6.4.1", "properties": [ { "name": "syft:package:foundBy", @@ -24285,131 +24334,131 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornado_project:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornado_project:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornadoproject:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornadoproject:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornadoproject:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornadoproject:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebook_project:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebook_project:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebook_project:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebook_project:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebookproject:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebookproject:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebookproject:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebookproject:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornado_project:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornado_project:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-tornado:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-tornado:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-tornado:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-tornado:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornado:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornado:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornado:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornado:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornadoproject:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornadoproject:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebook_project:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebook_project:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebook:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebook:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebook:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebook:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebookproject:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebookproject:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-tornado:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-tornado:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_tornado:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_tornado:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:tornado:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:tornado:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:tornado:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:tornado:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:facebook:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:facebook:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:tornado:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:tornado:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:tornado:6.4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:tornado:6.4.1:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/tornado-6.4.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/tornado-6.4.1.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/tornado-6.4.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/tornado-6.4.1.dist-info/RECORD" }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", - "value": "/usr/local/lib/python3.11/site-packages/tornado-6.4.dist-info/top_level.txt" + "value": "/usr/local/lib/python3.11/site-packages/tornado-6.4.1.dist-info/top_level.txt" } ] }, @@ -24563,7 +24612,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -24571,7 +24620,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -24579,7 +24628,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -24737,7 +24786,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -24745,7 +24794,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -24753,7 +24802,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -24762,13 +24811,13 @@ ] }, { - "bom-ref": "pkg:pypi/typing-extensions@4.11.0?package-id=e4297b09aa3dc7c2", + "bom-ref": "pkg:pypi/typing-extensions@4.12.2?package-id=c3eb468a9f97d5b9", "type": "library", "author": "\"Guido van Rossum, Jukka Lehtosalo, Łukasz Langa, Michael Lee\" ", "name": "typing_extensions", - "version": "4.11.0", - "cpe": "cpe:2.3:a:python-typing-extensions:python-typing-extensions:4.11.0:*:*:*:*:*:*:*", - "purl": "pkg:pypi/typing_extensions@4.11.0", + "version": "4.12.2", + "cpe": "cpe:2.3:a:python-typing-extensions:python-typing-extensions:4.12.2:*:*:*:*:*:*:*", + "purl": "pkg:pypi/typing_extensions@4.12.2", "properties": [ { "name": "syft:package:foundBy", @@ -24788,195 +24837,195 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing-extensions:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing-extensions:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing-extensions:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing-extensions:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing_extensions:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing_extensions:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing_extensions:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing_extensions:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing_extensions:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing_extensions:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing_extensions:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing_extensions:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing_extensions:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing_extensions:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing_extensions:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing_extensions:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing-extensions:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing-extensions:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing-extensions:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing-extensions:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing_extensions:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing_extensions:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing_extensions:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing_extensions:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing_extensions:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing_extensions:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing_extensions:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing_extensions:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing-extensions:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing-extensions:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing-extensions:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing-extensions:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing-extensions:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing-extensions:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing_extensions:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing_extensions:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing_extensions:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing_extensions:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing_extensions:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing_extensions:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing-extensions:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing-extensions:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing-extensions:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing-extensions:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing_extensions:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing_extensions:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing_extensions:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing_extensions:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python-typing:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python-typing:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python_typing:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python_typing:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing:python-typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing:python-typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing:python-typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing:python-typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing:python_typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing:python_typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing:typing-extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing:typing-extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:typing:typing_extensions:4.11.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:typing:typing_extensions:4.12.2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/typing_extensions-4.11.0.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/typing_extensions-4.12.2.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/typing_extensions-4.11.0.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/typing_extensions-4.12.2.dist-info/RECORD" } ] }, @@ -25010,7 +25059,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -25018,7 +25067,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -25026,7 +25075,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -25152,7 +25201,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -25160,7 +25209,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -25169,13 +25218,13 @@ ] }, { - "bom-ref": "pkg:pypi/urllib3@2.0.7?package-id=abd4cee8fb857ec6", + "bom-ref": "pkg:pypi/urllib3@2.2.2?package-id=6df91ff7ac00c1f0", "type": "library", "author": "Andrey Petrov ", "name": "urllib3", - "version": "2.0.7", - "cpe": "cpe:2.3:a:python:urllib3:2.0.7:*:*:*:*:*:*:*", - "purl": "pkg:pypi/urllib3@2.0.7", + "version": "2.2.2", + "cpe": "cpe:2.3:a:python:urllib3:2.2.2:*:*:*:*:*:*:*", + "purl": "pkg:pypi/urllib3@2.2.2", "properties": [ { "name": "syft:package:foundBy", @@ -25195,19 +25244,19 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", - "value": "/usr/local/lib/python3.11/site-packages/urllib3-2.0.7.dist-info/METADATA" + "value": "/usr/local/lib/python3.11/site-packages/urllib3-2.2.2.dist-info/METADATA" }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", - "value": "/usr/local/lib/python3.11/site-packages/urllib3-2.0.7.dist-info/RECORD" + "value": "/usr/local/lib/python3.11/site-packages/urllib3-2.2.2.dist-info/RECORD" } ] }, @@ -25282,7 +25331,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -25290,7 +25339,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -25298,7 +25347,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -25439,7 +25488,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -25447,7 +25496,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -25455,7 +25504,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -25463,7 +25512,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -25616,7 +25665,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -25624,7 +25673,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -25632,7 +25681,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:2:path", @@ -25640,7 +25689,7 @@ }, { "name": "syft:location:3:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:3:path", @@ -25806,7 +25855,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -25814,7 +25863,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -25822,7 +25871,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -25949,7 +25998,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:0:path", @@ -25957,7 +26006,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:216328af4e7909ed088653167a2c684729b1a1706f597c1fdc903dc21b559e42" + "value": "sha256:47d24fc718a7900df611687adbd12371ef385cdfd12298e7c9efb27b71c984fe" }, { "name": "syft:location:1:path", @@ -26115,7 +26164,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -26123,7 +26172,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -26131,7 +26180,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -26162,7 +26211,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:0:path", @@ -26170,7 +26219,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:1:path", @@ -26178,7 +26227,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -26220,7 +26269,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:0:path", @@ -26228,7 +26277,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:5d4427064ecc46e3c2add169e9b5eafc7ed2be7861081ec925938ab628ac0e25" + "value": "sha256:32148f9f6c5aadfa167ee7b146b9703c59307049d68b090c19db019fd15c5406" }, { "name": "syft:location:1:path", @@ -26236,7 +26285,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:659ac82608d93ec1a9b54b3facc46ebc9b1680e899a3a41a2b0cab54e3b33aa4" + "value": "sha256:bb7e6ca5c72bcda46fdee244f260baa4875fba34a6b29fc0efd3efc98d8853ea" }, { "name": "syft:location:2:path", @@ -26414,7 +26463,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:0:path", @@ -26422,7 +26471,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:1:path", @@ -26430,7 +26479,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:69a2c59927e6403d40c80ef7eef9dc9c7c3797d235cc9b97dc9ae1923ad3fa39" + "value": "sha256:f73a8bc8ae556e94b50cd501356af3a5a3e701375250d4aa965ffebfa232bdfe" }, { "name": "syft:location:2:path", @@ -26500,14 +26549,14 @@ "pkg:deb/debian/libapt-pkg6.0@2.6.1?arch=amd64&upstream=apt&distro=debian-12&package-id=18ed075bb8b76c7f", "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", "pkg:deb/debian/libgcc-s1@12.2.0-14?arch=amd64&upstream=gcc-12&distro=debian-12&package-id=38b424bee2a8db35", - "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab", - "pkg:deb/debian/libseccomp2@2.5.4-1%2Bb3?arch=amd64&upstream=libseccomp%402.5.4-1&distro=debian-12&package-id=a6922f8e0f890c0e", + "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u3?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=e285c9d302b29acf", + "pkg:deb/debian/libseccomp2@2.5.4-1%2Bdeb12u1?arch=amd64&upstream=libseccomp&distro=debian-12&package-id=86bffae363f30eaf", "pkg:deb/debian/libstdc%2B%2B6@12.2.0-14?arch=amd64&upstream=gcc-12&distro=debian-12&package-id=4f6f636801d1d450", - "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e" ] }, { - "ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=430b452649ec6d58", + "ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=c41d0eaedae01b93", "dependsOn": [ "pkg:deb/debian/mawk@1.3.4.20200120-3.1?arch=amd64&distro=debian-12&package-id=ab8cb640bde51524" ] @@ -26521,9 +26570,9 @@ ] }, { - "ref": "pkg:deb/debian/bash@5.2.15-2%2Bb2?arch=amd64&upstream=bash%405.2.15-2&distro=debian-12&package-id=7076d057ab25a499", + "ref": "pkg:deb/debian/bash@5.2.15-2%2Bb7?arch=amd64&upstream=bash%405.2.15-2&distro=debian-12&package-id=f715edd1e555e041", "dependsOn": [ - "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=430b452649ec6d58", + "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=c41d0eaedae01b93", "pkg:deb/debian/debianutils@5.7-0.5~deb12u1?arch=amd64&distro=debian-12&package-id=491d4893a84ee6f1", "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=16ce3f9a5a6f08b5" @@ -26533,14 +26582,14 @@ "ref": "pkg:deb/debian/bsdutils@1:2.38.1-5%2Bdeb12u1?arch=amd64&upstream=util-linux%402.38.1-5%2Bdeb12u1&distro=debian-12&package-id=a5f7ee908299e757", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", - "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e" ] }, { "ref": "pkg:deb/debian/ca-certificates@20230311?arch=all&distro=debian-12&package-id=a19b0036f2925522", "dependsOn": [ "pkg:deb/debian/debconf@1.5.82?arch=all&distro=debian-12&package-id=cd568950fffd83d7", - "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" + "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64&distro=debian-12&package-id=cddd26047eac2a86" ] }, { @@ -26554,10 +26603,10 @@ ] }, { - "ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=60eb7e4999f74148", + "ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=004f2529fac224aa", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", - "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u5?arch=amd64&upstream=curl&distro=debian-12&package-id=3425ee7723f69b83", + "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u6?arch=amd64&upstream=curl&distro=debian-12&package-id=f9f0a840b5701b6c", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=450c163f1aff2ce3" ] }, @@ -26666,8 +26715,8 @@ "pkg:deb/debian/liblz4-1@1.9.4-1?arch=amd64&upstream=lz4&distro=debian-12&package-id=89a8f82cb9aef205", "pkg:deb/debian/liblzma5@5.4.1-0.2?arch=amd64&upstream=xz-utils&distro=debian-12&package-id=50aacee46546d54f", "pkg:deb/debian/libstdc%2B%2B6@12.2.0-14?arch=amd64&upstream=gcc-12&distro=debian-12&package-id=4f6f636801d1d450", - "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22", - "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b", + "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e", + "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba", "pkg:deb/debian/libxxhash0@0.8.1-1?arch=amd64&upstream=xxhash&distro=debian-12&package-id=80b285a817bbd8db", "pkg:deb/debian/libzstd1@1.5.4%2Bdfsg2-5?arch=amd64&upstream=libzstd&distro=debian-12&package-id=2d1a4631243ef86d", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=450c163f1aff2ce3" @@ -26742,7 +26791,7 @@ ] }, { - "ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u5?arch=amd64&upstream=curl&distro=debian-12&package-id=3425ee7723f69b83", + "ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u6?arch=amd64&upstream=curl&distro=debian-12&package-id=f9f0a840b5701b6c", "dependsOn": [ "pkg:deb/debian/libbrotli1@1.0.9-2%2Bb6?arch=amd64&upstream=brotli%401.0.9-2&distro=debian-12&package-id=bee17957f6df430e", "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", @@ -26753,7 +26802,7 @@ "pkg:deb/debian/libpsl5@0.21.2-1?arch=amd64&upstream=libpsl&distro=debian-12&package-id=6d6e8a1c4d8f5a2b", "pkg:deb/debian/librtmp1@2.4%2B20151223.gitfa8646d.1-2%2Bb2?arch=amd64&upstream=rtmpdump%402.4%2B20151223.gitfa8646d.1-2&distro=debian-12&package-id=67e81e91a8c1dffc", "pkg:deb/debian/libssh2-1@1.10.0-3%2Bb1?arch=amd64&upstream=libssh2%401.10.0-3&distro=debian-12&package-id=7023b2ad941f42b0", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe", + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57", "pkg:deb/debian/libzstd1@1.5.4%2Bdfsg2-5?arch=amd64&upstream=libzstd&distro=debian-12&package-id=2d1a4631243ef86d", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=450c163f1aff2ce3" ] @@ -26815,7 +26864,7 @@ ] }, { - "ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab", + "ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u3?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=e285c9d302b29acf", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", "pkg:deb/debian/libgmp10@2:6.2.1%2Bdfsg1-1.1?arch=amd64&upstream=gmp&distro=debian-12&package-id=58578df1b5161e39", @@ -26901,7 +26950,7 @@ "pkg:deb/debian/libk5crypto3@1.20.1-2%2Bdeb12u1?arch=amd64&upstream=krb5&distro=debian-12&package-id=a762d1301d128fa5", "pkg:deb/debian/libkeyutils1@1.6.3-2?arch=amd64&upstream=keyutils&distro=debian-12&package-id=47508eca670369df", "pkg:deb/debian/libkrb5support0@1.20.1-2%2Bdeb12u1?arch=amd64&upstream=krb5&distro=debian-12&package-id=e9edcdc78a2b088b", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" ] }, { @@ -26914,7 +26963,7 @@ "ref": "pkg:deb/debian/libldap-2.5-0@2.5.13%2Bdfsg-5?arch=amd64&upstream=openldap&distro=debian-12&package-id=ed26cdfa87149cfa", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", - "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab", + "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u3?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=e285c9d302b29acf", "pkg:deb/debian/libsasl2-2@2.1.28%2Bdfsg-10?arch=amd64&upstream=cyrus-sasl2&distro=debian-12&package-id=fcacc8c1e128f9a7" ] }, @@ -27022,12 +27071,12 @@ ] }, { - "ref": "pkg:deb/debian/libpq5@15.6-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12&package-id=b91f13e24096c1ff", + "ref": "pkg:deb/debian/libpq5@15.7-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12&package-id=67555d5d1cc5af29", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", "pkg:deb/debian/libgssapi-krb5-2@1.20.1-2%2Bdeb12u1?arch=amd64&upstream=krb5&distro=debian-12&package-id=eb530b6c06324c23", "pkg:deb/debian/libldap-2.5-0@2.5.13%2Bdfsg-5?arch=amd64&upstream=openldap&distro=debian-12&package-id=ed26cdfa87149cfa", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" ] }, { @@ -27051,7 +27100,7 @@ "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", "pkg:deb/debian/libgmp10@2:6.2.1%2Bdfsg1-1.1?arch=amd64&upstream=gmp&distro=debian-12&package-id=58578df1b5161e39", - "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab", + "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u3?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=e285c9d302b29acf", "pkg:deb/debian/libhogweed6@3.8.1-2?arch=amd64&upstream=nettle&distro=debian-12&package-id=1bf51448294e0e43", "pkg:deb/debian/libnettle8@3.8.1-2?arch=amd64&upstream=nettle&distro=debian-12&package-id=d6bdae4cd6916b9c", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=450c163f1aff2ce3" @@ -27075,11 +27124,11 @@ "ref": "pkg:deb/debian/libsasl2-modules@2.1.28%2Bdfsg-10?arch=amd64&upstream=cyrus-sasl2&distro=debian-12&package-id=c514a923a77dd17b", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" ] }, { - "ref": "pkg:deb/debian/libseccomp2@2.5.4-1%2Bb3?arch=amd64&upstream=libseccomp%402.5.4-1&distro=debian-12&package-id=a6922f8e0f890c0e", + "ref": "pkg:deb/debian/libseccomp2@2.5.4-1%2Bdeb12u1?arch=amd64&upstream=libseccomp&distro=debian-12&package-id=86bffae363f30eaf", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc" ] @@ -27131,18 +27180,18 @@ "ref": "pkg:deb/debian/libssh2-1@1.10.0-3%2Bb1?arch=amd64&upstream=libssh2%401.10.0-3&distro=debian-12&package-id=7023b2ad941f42b0", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe", + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=450c163f1aff2ce3" ] }, { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b", + "ref": "pkg:deb/debian/libssl-dev@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=1c425c6617d0cc1b", "dependsOn": [ - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" ] }, { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe", + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc" ] @@ -27156,7 +27205,7 @@ ] }, { - "ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22", + "ref": "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", "pkg:deb/debian/libcap2@1:2.66-4?arch=amd64&distro=debian-12&package-id=00973b8ba461f164", @@ -27187,7 +27236,7 @@ ] }, { - "ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b", + "ref": "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc" ] @@ -27223,7 +27272,7 @@ "ref": "pkg:deb/debian/libxmlsec1-openssl@1.2.37-2?arch=amd64&upstream=xmlsec1&distro=debian-12&package-id=8bfea88e532bd902", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe", + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57", "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u1?arch=amd64&distro=debian-12&package-id=2015aa6ec3465662", "pkg:deb/debian/libxmlsec1@1.2.37-2?arch=amd64&upstream=xmlsec1&distro=debian-12&package-id=12713888614c016c" ] @@ -27297,10 +27346,10 @@ ] }, { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880", + "ref": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64&distro=debian-12&package-id=cddd26047eac2a86", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" ] }, { @@ -27376,9 +27425,9 @@ "pkg:deb/debian/libpam0g@1.5.2-6%2Bdeb12u1?arch=amd64&upstream=pam&distro=debian-12&package-id=9e3755175020009e", "pkg:deb/debian/libselinux1@3.4-1%2Bb6?arch=amd64&upstream=libselinux%403.4-1&distro=debian-12&package-id=2ddd11f048a6a586", "pkg:deb/debian/libsmartcols1@2.38.1-5%2Bdeb12u1?arch=amd64&upstream=util-linux&distro=debian-12&package-id=a19481ad8109e13e", - "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22", + "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e", "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=16ce3f9a5a6f08b5", - "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b", + "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba", "pkg:deb/debian/libuuid1@2.38.1-5%2Bdeb12u1?arch=amd64&upstream=util-linux&distro=debian-12&package-id=747a26ba1b8b92a7", "pkg:deb/debian/util-linux-extra@2.38.1-5%2Bdeb12u1?arch=amd64&upstream=util-linux&distro=debian-12&package-id=76ef77b2a5a01818", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=450c163f1aff2ce3" @@ -27401,15 +27450,21 @@ ] }, { - "ref": "pkg:generic/python@3.11.9?package-id=f05400c986d3d1b5", + "ref": "pkg:generic/python@3.11.9?package-id=c31c14f1edce3c84", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=9fdc7b787f921efc" ] }, { - "ref": "pkg:pypi/authlib@1.3.0?package-id=e6bc97b6a00065d3", + "ref": "pkg:golang/github.com/tianon/gosu@(devel)?package-id=82b617bd376831dd", + "dependsOn": [ + "pkg:golang/stdlib@1.19.8?package-id=70d69a89c5ad3244" + ] + }, + { + "ref": "pkg:pypi/authlib@1.3.1?package-id=4b098fcc867931cf", "dependsOn": [ - "pkg:pypi/cryptography@42.0.5?package-id=fc49057b0af6dc3b" + "pkg:pypi/cryptography@42.0.7?package-id=799df55d55522059" ] }, { @@ -27433,7 +27488,7 @@ ] }, { - "ref": "pkg:pypi/cryptography@42.0.5?package-id=fc49057b0af6dc3b", + "ref": "pkg:pypi/cryptography@42.0.7?package-id=799df55d55522059", "dependsOn": [ "pkg:pypi/certifi@2023.7.22?package-id=844d981d536c1918" ] @@ -27441,14 +27496,14 @@ { "ref": "pkg:pypi/elementpath@4.1.5?package-id=3a488c6d7cf359fb", "dependsOn": [ - "pkg:pypi/lxml@5.2.1?package-id=66bde09d6eed7778", + "pkg:pypi/lxml@5.2.2?package-id=95ad55180191608d", "pkg:pypi/xmlschema@2.4.0?package-id=5b9ad4dc0eb00617" ] }, { "ref": "pkg:pypi/html5lib@1.1?package-id=154e108bc7191366", "dependsOn": [ - "pkg:pypi/lxml@5.2.1?package-id=66bde09d6eed7778", + "pkg:pypi/lxml@5.2.2?package-id=95ad55180191608d", "pkg:pypi/six@1.16.0?package-id=057699d32b18f404", "pkg:pypi/webencodings@0.5.1?package-id=8aeabd94e5989f87" ] @@ -27462,7 +27517,7 @@ { "ref": "pkg:pypi/jaeger-client@4.8.0?package-id=9f7f948231769a18", "dependsOn": [ - "pkg:pypi/thrift@0.16.0?package-id=ab98b30c835316a8" + "pkg:pypi/thrift@0.16.0?package-id=cb67494dd1e83bb7" ] }, { @@ -27474,11 +27529,11 @@ { "ref": "pkg:pypi/ldap3@2.9.1?package-id=5c2bfb180154c6c3", "dependsOn": [ - "pkg:pypi/pyasn1@0.5.1?package-id=e3a64670a5ce9ca8" + "pkg:pypi/pyasn1@0.6.0?package-id=0af623814bbe3748" ] }, { - "ref": "pkg:pypi/lxml@5.2.1?package-id=66bde09d6eed7778", + "ref": "pkg:pypi/lxml@5.2.2?package-id=95ad55180191608d", "dependsOn": [ "pkg:pypi/html5lib@1.1?package-id=154e108bc7191366" ] @@ -27492,44 +27547,43 @@ { "ref": "pkg:pypi/matrix-synapse-ldap3@0.3.0?package-id=166db5e02af14cd7", "dependsOn": [ - "pkg:pypi/matrix-synapse@1.107.0?package-id=fb4e40be237e1434", + "pkg:pypi/matrix-synapse@1.110.0?package-id=cfbc3e8ff9b0777b", "pkg:pypi/service-identity@24.1.0?package-id=d30ea3b6f6325130" ] }, { - "ref": "pkg:pypi/matrix-synapse@1.107.0?package-id=fb4e40be237e1434", + "ref": "pkg:pypi/matrix-synapse@1.110.0?package-id=cfbc3e8ff9b0777b", "dependsOn": [ "pkg:pypi/attrs@23.2.0?package-id=9736d887f4ab2ef5", - "pkg:pypi/bcrypt@4.1.2?package-id=086ec223ad78ee72", + "pkg:pypi/bcrypt@4.1.3?package-id=058e0dcb45454756", "pkg:pypi/bleach@6.1.0?package-id=84341c323174fe91", "pkg:pypi/canonicaljson@2.0.0?package-id=cece6c8380222801", - "pkg:pypi/cryptography@42.0.5?package-id=fc49057b0af6dc3b", + "pkg:pypi/cryptography@42.0.7?package-id=799df55d55522059", "pkg:pypi/hiredis@2.3.2?package-id=7d17f7c09212119c", "pkg:pypi/idna@3.7?package-id=48c70e4ccf175e39", "pkg:pypi/ijson@3.2.3?package-id=8f56a740797d7e50", - "pkg:pypi/immutabledict@4.1.0?package-id=9d6259f524390a35", + "pkg:pypi/immutabledict@4.2.0?package-id=1b2d61e8134d9b21", "pkg:pypi/jaeger-client@4.8.0?package-id=9f7f948231769a18", - "pkg:pypi/jinja2@3.1.3?package-id=bbdafdfe43732f6f", + "pkg:pypi/jinja2@3.1.4?package-id=e3de4c2aa4beff4f", "pkg:pypi/jsonschema@4.22.0?package-id=6ef6973752587a99", - "pkg:pypi/lxml@5.2.1?package-id=66bde09d6eed7778", + "pkg:pypi/lxml@5.2.2?package-id=95ad55180191608d", "pkg:pypi/matrix-common@1.3.0?package-id=ba43e87386e90977", "pkg:pypi/matrix-synapse-ldap3@0.3.0?package-id=166db5e02af14cd7", - "pkg:pypi/msgpack@1.0.7?package-id=a43ec6ac4cb5fa07", - "pkg:pypi/netaddr@1.2.1?package-id=7c8d0893fdd4a133", + "pkg:pypi/msgpack@1.0.8?package-id=fa44af608fd85080", + "pkg:pypi/netaddr@1.3.0?package-id=eadd7330970a8678", "pkg:pypi/opentracing@2.4.0?package-id=1272cc67b0392c87", - "pkg:pypi/packaging@24.0?package-id=378523aaeb134b7a", + "pkg:pypi/packaging@24.1?package-id=f2e2d68144a73aaf", "pkg:pypi/parameterized@0.9.0?package-id=4c428ddac29ae041", - "pkg:pypi/phonenumbers@8.13.35?package-id=5129a21395a62589", - "pkg:pypi/prometheus-client@0.19.0?package-id=d6132aa8e91b7147", - "pkg:pypi/psycopg2@2.9.9?package-id=ddf6c1f50338d268", - "pkg:pypi/pyasn1@0.5.1?package-id=e3a64670a5ce9ca8", + "pkg:pypi/phonenumbers@8.13.39?package-id=53ea92a4af367acf", + "pkg:pypi/psycopg2@2.9.9?package-id=f43f9646bc245be5", + "pkg:pypi/pyasn1@0.6.0?package-id=0af623814bbe3748", "pkg:pypi/pydantic@2.7.1?package-id=e78dc04d4ff050cf", "pkg:pypi/pymacaroons@0.13.0?package-id=bb3a3fa80e2b6460", "pkg:pypi/pympler@1.0.1?package-id=8c94cb26f79d2ca1", - "pkg:pypi/pyopenssl@24.0.0?package-id=71e26fa6e24f7be5", + "pkg:pypi/pyopenssl@24.1.0?package-id=279064ccf7920dc4", "pkg:pypi/pysaml2@7.3.1?package-id=e527d47ce323138b", "pkg:pypi/pyyaml@6.0.1?package-id=a3c427c301c61408", - "pkg:pypi/sentry-sdk@1.40.3?package-id=0dabbb168f9f932a", + "pkg:pypi/sentry-sdk@2.6.0?package-id=2c6dfc441167a608", "pkg:pypi/service-identity@24.1.0?package-id=d30ea3b6f6325130", "pkg:pypi/signedjson@1.1.4?package-id=5bebe91705a3cb3e", "pkg:pypi/sortedcontainers@2.4.0?package-id=85393500fc7595c4", @@ -27541,14 +27595,14 @@ { "ref": "pkg:pypi/opentracing@2.4.0?package-id=1272cc67b0392c87", "dependsOn": [ - "pkg:pypi/tornado@6.4?package-id=7b272900ad605ca6" + "pkg:pypi/tornado@6.4.1?package-id=14fa5c9dc368ac35" ] }, { "ref": "pkg:pypi/pillow@10.3.0?package-id=1ea356931b56ee8b", "dependsOn": [ "pkg:pypi/defusedxml@0.7.1?package-id=534cd115bc9c4a88", - "pkg:pypi/packaging@24.0?package-id=378523aaeb134b7a" + "pkg:pypi/packaging@24.1?package-id=f2e2d68144a73aaf" ] }, { @@ -27567,11 +27621,11 @@ { "ref": "pkg:pypi/pysaml2@7.3.1?package-id=e527d47ce323138b", "dependsOn": [ - "pkg:pypi/cryptography@42.0.5?package-id=fc49057b0af6dc3b", + "pkg:pypi/cryptography@42.0.7?package-id=799df55d55522059", "pkg:pypi/defusedxml@0.7.1?package-id=534cd115bc9c4a88", "pkg:pypi/python-dateutil@2.8.2?package-id=13ef8f999d239236", "pkg:pypi/pytz@2022.7.1?package-id=a3266429d146ab0c", - "pkg:pypi/requests@2.31.0?package-id=4c2f455bc9f27f0d", + "pkg:pypi/requests@2.32.2?package-id=b8c732b179193e4b", "pkg:pypi/xmlschema@2.4.0?package-id=5b9ad4dc0eb00617", "pkg:pypi/zope.interface@6.0?package-id=310b639529d3168a" ] @@ -27582,15 +27636,6 @@ "pkg:pypi/six@1.16.0?package-id=057699d32b18f404" ] }, - { - "ref": "pkg:pypi/requests@2.31.0?package-id=4c2f455bc9f27f0d", - "dependsOn": [ - "pkg:pypi/certifi@2023.7.22?package-id=844d981d536c1918", - "pkg:pypi/charset-normalizer@3.1.0?package-id=d51d0e727c1326bb", - "pkg:pypi/idna@3.7?package-id=48c70e4ccf175e39", - "pkg:pypi/urllib3@2.0.7?package-id=abd4cee8fb857ec6" - ] - }, { "ref": "pkg:pypi/semantic-version@2.10.0?package-id=b3c049a3c44b61d8", "dependsOn": [ @@ -27598,7 +27643,7 @@ ] }, { - "ref": "pkg:pypi/sentry-sdk@1.40.3?package-id=0dabbb168f9f932a", + "ref": "pkg:pypi/sentry-sdk@2.6.0?package-id=2c6dfc441167a608", "dependsOn": [ "pkg:pypi/certifi@2023.7.22?package-id=844d981d536c1918" ] @@ -27606,9 +27651,9 @@ { "ref": "pkg:pypi/service-identity@24.1.0?package-id=d30ea3b6f6325130", "dependsOn": [ - "pkg:pypi/cryptography@42.0.5?package-id=fc49057b0af6dc3b", + "pkg:pypi/cryptography@42.0.7?package-id=799df55d55522059", "pkg:pypi/idna@3.7?package-id=48c70e4ccf175e39", - "pkg:pypi/pyasn1@0.5.1?package-id=e3a64670a5ce9ca8" + "pkg:pypi/pyasn1@0.6.0?package-id=0af623814bbe3748" ] }, { @@ -27628,7 +27673,7 @@ { "ref": "pkg:pypi/threadloop@1.0.2?package-id=a3d54178a1ee6656", "dependsOn": [ - "pkg:pypi/tornado@6.4?package-id=7b272900ad605ca6" + "pkg:pypi/tornado@6.4.1?package-id=14fa5c9dc368ac35" ] }, { @@ -27644,17 +27689,11 @@ "pkg:pypi/six@1.16.0?package-id=057699d32b18f404" ] }, - { - "ref": "pkg:pypi/urllib3@2.0.7?package-id=abd4cee8fb857ec6", - "dependsOn": [ - "pkg:pypi/certifi@2023.7.22?package-id=844d981d536c1918" - ] - }, { "ref": "pkg:pypi/xmlschema@2.4.0?package-id=5b9ad4dc0eb00617", "dependsOn": [ "pkg:pypi/elementpath@4.1.5?package-id=3a488c6d7cf359fb", - "pkg:pypi/lxml@5.2.1?package-id=66bde09d6eed7778" + "pkg:pypi/lxml@5.2.2?package-id=95ad55180191608d" ] }, { @@ -27666,7 +27705,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:995d67c5-6077-4d8a-80fd-47a9d675f861", + "bom-ref": "urn:uuid:b0f03fa5-87c6-444e-bbdd-7b2e78b22653", "id": "CVE-2005-2541", "source": { "name": "debian-distro-debian-12", @@ -27699,7 +27738,7 @@ ] }, { - "bom-ref": "urn:uuid:ee87dbe3-ef2a-4077-960a-f90da8f9aaba", + "bom-ref": "urn:uuid:b70ff21b-1b91-4aea-98a9-ba925037efd2", "id": "CVE-2007-5686", "source": { "name": "debian-distro-debian-12", @@ -27732,7 +27771,7 @@ ] }, { - "bom-ref": "urn:uuid:78c7c3fe-dbbe-4edc-a027-6a81b2d0ee56", + "bom-ref": "urn:uuid:2d7e4d6f-f04f-4041-b426-a02fbb5a9ec4", "id": "CVE-2007-5686", "source": { "name": "debian-distro-debian-12", @@ -27765,7 +27804,7 @@ ] }, { - "bom-ref": "urn:uuid:fe910ebc-9d46-46a2-a3ce-6d2cf6e8de27", + "bom-ref": "urn:uuid:83481c1f-5956-4a93-aed2-4adce9cdba75", "id": "CVE-2010-4756", "source": { "name": "debian-distro-debian-12", @@ -27798,7 +27837,7 @@ ] }, { - "bom-ref": "urn:uuid:09e79cea-67a5-4c63-98cb-a4c2038de7a4", + "bom-ref": "urn:uuid:1fcb304d-6489-45c7-b8e0-c4b5a2a6bd49", "id": "CVE-2010-4756", "source": { "name": "debian-distro-debian-12", @@ -27831,7 +27870,7 @@ ] }, { - "bom-ref": "urn:uuid:d2b531a5-4726-463f-b78e-3e206b07f495", + "bom-ref": "urn:uuid:ee989502-8d35-482c-a571-72845a2e34df", "id": "CVE-2011-3374", "source": { "name": "debian-distro-debian-12", @@ -27864,7 +27903,7 @@ ] }, { - "bom-ref": "urn:uuid:d49594ab-00c8-4753-8314-92920db1cfcd", + "bom-ref": "urn:uuid:e596f844-535b-4c00-82d8-a3e832522709", "id": "CVE-2011-3374", "source": { "name": "debian-distro-debian-12", @@ -27897,7 +27936,7 @@ ] }, { - "bom-ref": "urn:uuid:50c21399-b329-4ade-acbf-06f135c8ba88", + "bom-ref": "urn:uuid:6e85a992-9b93-468f-8f80-e76e77e8f739", "id": "CVE-2011-3389", "source": { "name": "debian-distro-debian-12", @@ -27925,12 +27964,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab" + "ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u3?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=e285c9d302b29acf" } ] }, { - "bom-ref": "urn:uuid:0f8648e7-7c37-4bdf-88b5-af2aff9bf0d4", + "bom-ref": "urn:uuid:14d1f0c0-d04b-438c-ae65-9231ff7f3f3a", "id": "CVE-2011-4116", "source": { "name": "debian-distro-debian-12", @@ -27963,7 +28002,7 @@ ] }, { - "bom-ref": "urn:uuid:3189dda8-27a8-429a-8ae1-c7d7984f1118", + "bom-ref": "urn:uuid:592467f1-135a-46a7-b572-a7d4e45aa505", "id": "CVE-2013-4392", "source": { "name": "debian-distro-debian-12", @@ -27991,12 +28030,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "ref": "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e" } ] }, { - "bom-ref": "urn:uuid:f2336f0f-230e-448a-b724-5db73d7916bb", + "bom-ref": "urn:uuid:aa894c02-0a4c-4e59-9e79-7070a62b0832", "id": "CVE-2013-4392", "source": { "name": "debian-distro-debian-12", @@ -28024,12 +28063,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b" + "ref": "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba" } ] }, { - "bom-ref": "urn:uuid:a6ee3e68-1eef-4cbe-acba-f87c62f1e20f", + "bom-ref": "urn:uuid:bd6e4de9-4a93-4411-9d93-f20d63b54ce9", "id": "CVE-2015-3276", "source": { "name": "debian-distro-debian-12", @@ -28062,7 +28101,7 @@ ] }, { - "bom-ref": "urn:uuid:39305d25-38e4-4961-8469-093a76a148c2", + "bom-ref": "urn:uuid:8350fa84-b994-4bbc-b689-28b49ae38af0", "id": "CVE-2015-3276", "source": { "name": "debian-distro-debian-12", @@ -28095,7 +28134,7 @@ ] }, { - "bom-ref": "urn:uuid:efd4a5d7-901d-4c19-9102-98cb24fd697e", + "bom-ref": "urn:uuid:713aad29-8e49-4328-8b6d-e3cac6a37cfe", "id": "CVE-2015-9019", "source": { "name": "debian-distro-debian-12", @@ -28128,7 +28167,7 @@ ] }, { - "bom-ref": "urn:uuid:6a570fb6-9a69-4cec-b5e7-8457d2a61de5", + "bom-ref": "urn:uuid:abc1d330-5ef8-4920-9c8d-125513539d48", "id": "CVE-2016-2781", "source": { "name": "debian-distro-debian-12", @@ -28161,7 +28200,7 @@ ] }, { - "bom-ref": "urn:uuid:325890f4-cccc-4487-b245-8eb0cf746da2", + "bom-ref": "urn:uuid:f97d1754-d80a-4e10-8606-15f7156153dd", "id": "CVE-2017-14159", "source": { "name": "debian-distro-debian-12", @@ -28194,7 +28233,7 @@ ] }, { - "bom-ref": "urn:uuid:88754967-b0b6-40da-a568-1b857b85c182", + "bom-ref": "urn:uuid:7a444daf-e8e4-4e76-a3a8-da81fa92dddd", "id": "CVE-2017-14159", "source": { "name": "debian-distro-debian-12", @@ -28227,7 +28266,7 @@ ] }, { - "bom-ref": "urn:uuid:8193dffc-8888-448b-83d2-91d811243140", + "bom-ref": "urn:uuid:727f42d1-7c92-4b9e-9878-2a241cc3f305", "id": "CVE-2017-17740", "source": { "name": "debian-distro-debian-12", @@ -28260,7 +28299,7 @@ ] }, { - "bom-ref": "urn:uuid:5cb537f0-7ffe-4ed0-a3d8-b4055e2dc25d", + "bom-ref": "urn:uuid:3024da76-3b81-46bd-a28e-0696f943e6d1", "id": "CVE-2017-17740", "source": { "name": "debian-distro-debian-12", @@ -28293,7 +28332,7 @@ ] }, { - "bom-ref": "urn:uuid:2020b3d1-614d-44e7-b97a-06ae18bfb08a", + "bom-ref": "urn:uuid:31906ec6-cb67-44ce-940c-9daa31d8aa49", "id": "CVE-2017-18018", "source": { "name": "debian-distro-debian-12", @@ -28326,7 +28365,7 @@ ] }, { - "bom-ref": "urn:uuid:f52ddeb6-235b-48ea-97b2-c3199ae7f453", + "bom-ref": "urn:uuid:754fe3e0-c1c0-4ccc-a0aa-aa7117a6f79a", "id": "CVE-2018-20796", "source": { "name": "debian-distro-debian-12", @@ -28359,7 +28398,7 @@ ] }, { - "bom-ref": "urn:uuid:7363c966-c2ac-4bbe-9a2d-33e91792f17d", + "bom-ref": "urn:uuid:1ec937d3-911c-4000-ad4a-9aa308f4d441", "id": "CVE-2018-20796", "source": { "name": "debian-distro-debian-12", @@ -28392,7 +28431,7 @@ ] }, { - "bom-ref": "urn:uuid:43cf7089-e815-47ce-a787-30c4aaf6bcb2", + "bom-ref": "urn:uuid:444bbc50-b7b3-4f35-81c1-5f8de4477c99", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -28425,7 +28464,7 @@ ] }, { - "bom-ref": "urn:uuid:cebc4409-8e4b-4182-894a-a5dd7832e44e", + "bom-ref": "urn:uuid:94601f6e-73fb-401c-af2b-7720914f1338", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -28458,7 +28497,7 @@ ] }, { - "bom-ref": "urn:uuid:2944acc8-3d4d-4671-902c-b01a8aaf2943", + "bom-ref": "urn:uuid:c5ecfc13-ade1-4952-9fb7-f48935913787", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -28491,7 +28530,7 @@ ] }, { - "bom-ref": "urn:uuid:61d33687-90cc-4445-ba7d-d1702bffc334", + "bom-ref": "urn:uuid:2da5dbe6-0d26-4f00-87c1-e729da01a407", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -28524,7 +28563,7 @@ ] }, { - "bom-ref": "urn:uuid:3239926c-5803-4005-afbd-c64c32943e3a", + "bom-ref": "urn:uuid:2799e2ae-da55-40c3-a7c9-0bdc25546c00", "id": "CVE-2018-6829", "source": { "name": "debian-distro-debian-12", @@ -28557,7 +28596,7 @@ ] }, { - "bom-ref": "urn:uuid:beb4ff7b-e1a0-48dd-a710-25af02d44f1a", + "bom-ref": "urn:uuid:1f7d6fde-5b72-4ba4-b4f1-332c8433bb2b", "id": "CVE-2019-1010022", "source": { "name": "debian-distro-debian-12", @@ -28590,7 +28629,7 @@ ] }, { - "bom-ref": "urn:uuid:04a04cd2-4e04-400a-b70f-c93f49aaf0e3", + "bom-ref": "urn:uuid:5c12d96c-20bd-4bcb-a4be-c37cf3049668", "id": "CVE-2019-1010022", "source": { "name": "debian-distro-debian-12", @@ -28623,7 +28662,7 @@ ] }, { - "bom-ref": "urn:uuid:dc30022a-a68c-4a18-b6bc-8bc8127eb263", + "bom-ref": "urn:uuid:c35b3471-f942-41d5-a0c0-c0446be1692a", "id": "CVE-2019-1010023", "source": { "name": "debian-distro-debian-12", @@ -28656,7 +28695,7 @@ ] }, { - "bom-ref": "urn:uuid:708b78f8-67cd-4ff3-a39c-c749d1d5a10a", + "bom-ref": "urn:uuid:fefe7a92-fbfd-40db-a038-a700312d3fda", "id": "CVE-2019-1010023", "source": { "name": "debian-distro-debian-12", @@ -28689,7 +28728,7 @@ ] }, { - "bom-ref": "urn:uuid:b8ea9905-8725-4d20-97ce-40366d6cc66a", + "bom-ref": "urn:uuid:ccbd74a7-3765-4a91-a349-ee0717e8f32b", "id": "CVE-2019-1010024", "source": { "name": "debian-distro-debian-12", @@ -28722,7 +28761,7 @@ ] }, { - "bom-ref": "urn:uuid:9db64e39-6820-432e-abfc-689c9c81791b", + "bom-ref": "urn:uuid:413eed81-9f1d-40ad-ad8b-53ef08b34a7e", "id": "CVE-2019-1010024", "source": { "name": "debian-distro-debian-12", @@ -28755,7 +28794,7 @@ ] }, { - "bom-ref": "urn:uuid:a41587e5-9141-4d15-ae72-ef0acdc5b9ac", + "bom-ref": "urn:uuid:e71ce08b-3a5d-46b8-a371-14ad349bb7e7", "id": "CVE-2019-1010025", "source": { "name": "debian-distro-debian-12", @@ -28788,7 +28827,7 @@ ] }, { - "bom-ref": "urn:uuid:6cd7b9e1-329c-433b-b179-3b81cce323c2", + "bom-ref": "urn:uuid:29169f8c-a284-42d0-bcea-197ce57d84de", "id": "CVE-2019-1010025", "source": { "name": "debian-distro-debian-12", @@ -28821,7 +28860,7 @@ ] }, { - "bom-ref": "urn:uuid:42c347a0-5c0c-42b7-821c-3d8408f4c51a", + "bom-ref": "urn:uuid:31813b2c-466d-493f-88c8-171b280190f2", "id": "CVE-2019-19882", "source": { "name": "debian-distro-debian-12", @@ -28854,7 +28893,7 @@ ] }, { - "bom-ref": "urn:uuid:bf333006-fffb-4d28-bdad-a9544e2c9da2", + "bom-ref": "urn:uuid:6e4aa16f-777e-42a2-9321-b7f7482b9b70", "id": "CVE-2019-19882", "source": { "name": "debian-distro-debian-12", @@ -28887,7 +28926,7 @@ ] }, { - "bom-ref": "urn:uuid:c4fcc47c-0dba-44a5-b2d0-f9e17b2517df", + "bom-ref": "urn:uuid:1eaeb164-fc75-4e6a-8b40-c21e4971828c", "id": "CVE-2019-9192", "source": { "name": "debian-distro-debian-12", @@ -28920,7 +28959,7 @@ ] }, { - "bom-ref": "urn:uuid:192577c7-9f7a-4e4a-9724-121394d2fc39", + "bom-ref": "urn:uuid:727779c1-3ffc-4dd1-bd6b-5a121200587d", "id": "CVE-2019-9192", "source": { "name": "debian-distro-debian-12", @@ -28953,7 +28992,7 @@ ] }, { - "bom-ref": "urn:uuid:201a5a2e-bcd3-4803-958d-92c921ba5971", + "bom-ref": "urn:uuid:1355572b-70da-4d42-883c-d251a79dbb7f", "id": "CVE-2020-15719", "source": { "name": "debian-distro-debian-12", @@ -28986,7 +29025,7 @@ ] }, { - "bom-ref": "urn:uuid:61968ea1-7bbe-4dda-bd79-6eb3d648547a", + "bom-ref": "urn:uuid:cd06061c-8ca2-4ead-9e48-a7505876a33e", "id": "CVE-2020-15719", "source": { "name": "debian-distro-debian-12", @@ -29019,7 +29058,7 @@ ] }, { - "bom-ref": "urn:uuid:72f12c8e-7278-4906-80e0-8e49be8b7e46", + "bom-ref": "urn:uuid:47f15442-c716-494d-b0ba-9350e7cd2834", "id": "CVE-2021-45346", "source": { "name": "debian-distro-debian-12", @@ -29052,7 +29091,7 @@ ] }, { - "bom-ref": "urn:uuid:859b68f9-5b14-4ea8-8509-364c8ba91f57", + "bom-ref": "urn:uuid:86c3a38f-ed77-40df-919e-94baaec3d2dd", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29085,7 +29124,7 @@ ] }, { - "bom-ref": "urn:uuid:08dc6659-2243-40f0-be9f-85810421bd15", + "bom-ref": "urn:uuid:a86acef9-ba88-4e37-99fc-b95489a17412", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29118,7 +29157,7 @@ ] }, { - "bom-ref": "urn:uuid:0c721d3e-65a6-4c04-8273-4a7273106523", + "bom-ref": "urn:uuid:1a899413-fb59-4eb8-aa13-7c3da98e0f25", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29151,7 +29190,7 @@ ] }, { - "bom-ref": "urn:uuid:adb2beb5-dd38-43f7-9a16-78803b1837d0", + "bom-ref": "urn:uuid:35c40e2f-208b-49dc-9a42-14608afd67b4", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29184,7 +29223,7 @@ ] }, { - "bom-ref": "urn:uuid:e63f39ce-61a2-443f-9446-81c2f76c9e5e", + "bom-ref": "urn:uuid:ba69a584-5ef0-4abd-b72f-ff3f192a2500", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29217,7 +29256,7 @@ ] }, { - "bom-ref": "urn:uuid:32ac0ea4-6836-4c00-a64d-e6818632f964", + "bom-ref": "urn:uuid:a8a7b4d9-5d55-4190-9402-cf2d516cf924", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29250,7 +29289,7 @@ ] }, { - "bom-ref": "urn:uuid:123c9916-0c9a-47df-962f-7bd3d637f213", + "bom-ref": "urn:uuid:7a62feff-de3d-42f2-a4d5-486361f8fc5f", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29283,7 +29322,7 @@ ] }, { - "bom-ref": "urn:uuid:b0a83052-4067-4989-9134-d3d00926dea8", + "bom-ref": "urn:uuid:f115e229-eb9f-4d36-9fe9-5c40b1d0b3ff", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -29316,7 +29355,7 @@ ] }, { - "bom-ref": "urn:uuid:35c9d97a-4020-421a-a835-bd0b8b1803e9", + "bom-ref": "urn:uuid:f20610bf-afb4-4fec-883b-535013e797d0", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -29349,7 +29388,7 @@ ] }, { - "bom-ref": "urn:uuid:f93ecf9f-5064-498c-a0f1-f6dd9154b29e", + "bom-ref": "urn:uuid:044f5bd1-e123-44f0-8ac3-76442fbfcb96", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -29382,7 +29421,7 @@ ] }, { - "bom-ref": "urn:uuid:601e4b0b-3727-43bb-9201-280e9c0677c7", + "bom-ref": "urn:uuid:3bbd6142-a90c-414e-a19b-5f4c40633768", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -29415,7 +29454,7 @@ ] }, { - "bom-ref": "urn:uuid:8a20e7ff-1e6f-493f-ad0d-47a7c877b3d2", + "bom-ref": "urn:uuid:32959dac-fc63-459b-84d9-5e3ba73ebbc5", "id": "CVE-2022-3219", "source": { "name": "debian-distro-debian-12", @@ -29448,7 +29487,52 @@ ] }, { - "bom-ref": "urn:uuid:38e4a5c9-995b-4cff-bfb7-bf227daaa4c7", + "bom-ref": "urn:uuid:9ffcbaf6-ccfd-415d-94fc-20f8e4c9110a", + "id": "CVE-2023-24531", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24531" + }, + "references": [ + { + "id": "CVE-2023-24531", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24531" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "description": "Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is relatively minor because, in general, if an attacker can set arbitrary environment variables on a system, they have better attack vectors than making \"go env\" print them out.", + "advisories": [ + { + "url": "https://go.dev/cl/488375" + }, + { + "url": "https://go.dev/cl/493535" + }, + { + "url": "https://go.dev/issue/58508" + }, + { + "url": "https://groups.google.com/g/golang-dev/c/ixHOFpSbajE/m/8EjlbKVWAwAJ" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2962" + } + ], + "affects": [ + { + "ref": "pkg:golang/stdlib@1.19.8?package-id=70d69a89c5ad3244" + } + ] + }, + { + "bom-ref": "urn:uuid:19203a5a-aff7-4a14-8f8a-6effe607f005", "id": "CVE-2023-24539", "source": { "name": "nvd-cpe", @@ -29493,7 +29577,7 @@ ] }, { - "bom-ref": "urn:uuid:a4987b1d-83a6-4e4f-86b1-08d1a7326b33", + "bom-ref": "urn:uuid:d01e7cc2-0c25-4c3a-b98b-8e8ab8db3374", "id": "CVE-2023-24540", "source": { "name": "nvd-cpe", @@ -29538,7 +29622,7 @@ ] }, { - "bom-ref": "urn:uuid:1014853f-9073-4e9a-9d44-abd16660f5ca", + "bom-ref": "urn:uuid:5f850968-d095-4413-bc34-16287d14041e", "id": "CVE-2023-29383", "source": { "name": "debian-distro-debian-12", @@ -29571,7 +29655,7 @@ ] }, { - "bom-ref": "urn:uuid:531a0b0c-c582-4bb9-a6fb-18c18f4aed2d", + "bom-ref": "urn:uuid:e728033d-18c3-48a2-84eb-1d397277a70b", "id": "CVE-2023-29383", "source": { "name": "debian-distro-debian-12", @@ -29604,7 +29688,7 @@ ] }, { - "bom-ref": "urn:uuid:d98e5e5d-d8ae-409c-b77e-4c1344fe5b86", + "bom-ref": "urn:uuid:c53c95b9-2d46-4380-b578-57fb083ef3a5", "id": "CVE-2023-29400", "source": { "name": "nvd-cpe", @@ -29649,7 +29733,7 @@ ] }, { - "bom-ref": "urn:uuid:74296dc8-7664-4e5b-b370-08aa0381d8f1", + "bom-ref": "urn:uuid:0e169981-04b5-42cf-90aa-ebd73517c60b", "id": "CVE-2023-29402", "source": { "name": "nvd-cpe", @@ -29703,7 +29787,7 @@ ] }, { - "bom-ref": "urn:uuid:b6f273f4-2822-4921-968b-925354d1ef13", + "bom-ref": "urn:uuid:293e3791-d4fd-4243-b51d-dc8effceacea", "id": "CVE-2023-29403", "source": { "name": "nvd-cpe", @@ -29757,7 +29841,7 @@ ] }, { - "bom-ref": "urn:uuid:39fa7c03-8f19-4ea3-ab43-d46a36642a14", + "bom-ref": "urn:uuid:db8f0c8b-1e9c-4872-a2f2-8f6b075295d6", "id": "CVE-2023-29404", "source": { "name": "nvd-cpe", @@ -29811,7 +29895,7 @@ ] }, { - "bom-ref": "urn:uuid:75f26549-baff-45d8-8808-4afeb939722d", + "bom-ref": "urn:uuid:f7caad3d-c6e5-4cd9-b49b-bc71de1d3009", "id": "CVE-2023-29405", "source": { "name": "nvd-cpe", @@ -29865,7 +29949,7 @@ ] }, { - "bom-ref": "urn:uuid:53a7a907-c73a-417f-8c04-e30176171b70", + "bom-ref": "urn:uuid:2ea6f88a-114e-42f6-82e3-02ee9d46970f", "id": "CVE-2023-29406", "source": { "name": "nvd-cpe", @@ -29916,7 +30000,7 @@ ] }, { - "bom-ref": "urn:uuid:eec01803-e9e2-4fe1-9821-d7c67cf47584", + "bom-ref": "urn:uuid:78a2856f-0c65-49f8-ac47-0fd8d26addc4", "id": "CVE-2023-29409", "source": { "name": "nvd-cpe", @@ -29967,7 +30051,7 @@ ] }, { - "bom-ref": "urn:uuid:f1cea4c3-c72e-4ac3-b8f2-2a7dbdf016bd", + "bom-ref": "urn:uuid:e2308e31-9730-4d48-9403-07eb2805700c", "id": "CVE-2023-2953", "source": { "name": "debian-distro-debian-12", @@ -30000,7 +30084,7 @@ ] }, { - "bom-ref": "urn:uuid:3eb53f9a-97fd-4480-b942-2f7760133ce6", + "bom-ref": "urn:uuid:33dda51b-d512-4f51-86e5-b57b5f79211e", "id": "CVE-2023-2953", "source": { "name": "debian-distro-debian-12", @@ -30033,7 +30117,7 @@ ] }, { - "bom-ref": "urn:uuid:a3572074-474e-4936-a73b-577ddca0fbfe", + "bom-ref": "urn:uuid:fbf3c150-d431-44ac-b351-28b52d7871cf", "id": "CVE-2023-31437", "source": { "name": "debian-distro-debian-12", @@ -30061,12 +30145,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "ref": "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e" } ] }, { - "bom-ref": "urn:uuid:9d3918b1-4737-44fb-ada8-72161a8b37af", + "bom-ref": "urn:uuid:f4997aba-cf46-42b1-b283-f19ee648f827", "id": "CVE-2023-31437", "source": { "name": "debian-distro-debian-12", @@ -30094,12 +30178,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b" + "ref": "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba" } ] }, { - "bom-ref": "urn:uuid:d09d0efe-4888-4d10-9d8a-d1b2b5fcc9c6", + "bom-ref": "urn:uuid:1c062ddc-628f-493d-a268-797ca691e53e", "id": "CVE-2023-31438", "source": { "name": "debian-distro-debian-12", @@ -30127,12 +30211,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "ref": "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e" } ] }, { - "bom-ref": "urn:uuid:87a3aba5-19c1-40ec-a62e-c9fbfb6434b8", + "bom-ref": "urn:uuid:2f623fa8-e91d-40e4-9591-061c2631803d", "id": "CVE-2023-31438", "source": { "name": "debian-distro-debian-12", @@ -30160,12 +30244,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b" + "ref": "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba" } ] }, { - "bom-ref": "urn:uuid:9b409ced-1c5b-448d-b5c8-4d509357936d", + "bom-ref": "urn:uuid:70c02223-9aa0-4d68-8c24-564dc9eb95fe", "id": "CVE-2023-31439", "source": { "name": "debian-distro-debian-12", @@ -30193,12 +30277,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "ref": "pkg:deb/debian/libsystemd0@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=feb617e488eec05e" } ] }, { - "bom-ref": "urn:uuid:79f30fd4-c0f4-4bf1-b9a1-1996f8a72007", + "bom-ref": "urn:uuid:be5dbe60-2e1a-442d-a773-0e3083a8ed74", "id": "CVE-2023-31439", "source": { "name": "debian-distro-debian-12", @@ -30226,12 +30310,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b" + "ref": "pkg:deb/debian/libudev1@252.26-1~deb12u2?arch=amd64&upstream=systemd&distro=debian-12&package-id=aa55696d3d1d7cba" } ] }, { - "bom-ref": "urn:uuid:f16a6bb8-be0c-4a8a-b1cc-0c6b88e80919", + "bom-ref": "urn:uuid:5f5e3217-b4f6-4910-abe0-180d012dc11c", "id": "CVE-2023-31484", "source": { "name": "debian-distro-debian-12", @@ -30264,7 +30348,7 @@ ] }, { - "bom-ref": "urn:uuid:e7de0e1e-649b-44b5-a4fc-0e9abc91ccb3", + "bom-ref": "urn:uuid:9aeed367-0d31-4de8-8c67-c4d9f8af246c", "id": "CVE-2023-31486", "source": { "name": "debian-distro-debian-12", @@ -30297,7 +30381,7 @@ ] }, { - "bom-ref": "urn:uuid:a8f2ed4c-bcd1-4214-af6f-b98d156c4ca2", + "bom-ref": "urn:uuid:de536c62-f0eb-4b85-8dec-3894503ff550", "id": "CVE-2023-39318", "source": { "name": "nvd-cpe", @@ -30348,7 +30432,7 @@ ] }, { - "bom-ref": "urn:uuid:9cdcce7e-9bb9-4899-87d7-40e7f145a861", + "bom-ref": "urn:uuid:0f2e3b34-1deb-4bc9-aa95-67a0756133f5", "id": "CVE-2023-39319", "source": { "name": "nvd-cpe", @@ -30399,7 +30483,7 @@ ] }, { - "bom-ref": "urn:uuid:de301da1-9b05-4fc2-84cf-3170a375f194", + "bom-ref": "urn:uuid:6cead260-9d5f-48d7-97d1-d32b93793246", "id": "CVE-2023-39323", "source": { "name": "nvd-cpe", @@ -30459,7 +30543,7 @@ ] }, { - "bom-ref": "urn:uuid:479a92eb-eed8-4e6d-99cb-f03c326221c8", + "bom-ref": "urn:uuid:03d5a24c-8099-46b9-929f-3a2f831c0fc8", "id": "CVE-2023-39326", "source": { "name": "nvd-cpe", @@ -30507,7 +30591,7 @@ ] }, { - "bom-ref": "urn:uuid:0d1bce54-6aad-4937-8a76-c1735fd09e9e", + "bom-ref": "urn:uuid:5bfb7765-5af9-4404-b5f0-53d0bdf12bce", "id": "CVE-2023-39615", "source": { "name": "debian-distro-debian-12", @@ -30540,7 +30624,7 @@ ] }, { - "bom-ref": "urn:uuid:2af823f7-2e27-4fe8-9627-4d1515724141", + "bom-ref": "urn:uuid:1abd8668-381f-4a6d-91f2-f8e135ce9fd5", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -30573,7 +30657,7 @@ ] }, { - "bom-ref": "urn:uuid:ee5aac63-16ec-4929-a302-c73eb133d0ba", + "bom-ref": "urn:uuid:b6f42f16-4a69-463d-b245-c9f5417ef09d", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -30606,7 +30690,7 @@ ] }, { - "bom-ref": "urn:uuid:bc87681c-3a88-484e-b97f-c3fbaccb3c05", + "bom-ref": "urn:uuid:0bb372f6-e7e6-4779-aa69-43d41c1549a2", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -30639,7 +30723,7 @@ ] }, { - "bom-ref": "urn:uuid:c4ffa255-4fd7-45d0-82df-efc763b9c577", + "bom-ref": "urn:uuid:eb1fedba-a547-4e45-9b72-c283176dce38", "id": "CVE-2023-44487", "source": { "name": "nvd-cpe", @@ -31092,7 +31176,7 @@ ] }, { - "bom-ref": "urn:uuid:2ac61044-ca43-4efe-83f2-7df2393e842b", + "bom-ref": "urn:uuid:ab6a7831-1e06-481f-a3b6-e9b7a88a156d", "id": "CVE-2023-45285", "source": { "name": "nvd-cpe", @@ -31140,7 +31224,7 @@ ] }, { - "bom-ref": "urn:uuid:3ed7505c-fc68-4bed-ad8b-6e8064faece3", + "bom-ref": "urn:uuid:f5115b5a-2e10-4c90-bdbd-3c6149548c04", "id": "CVE-2023-45287", "source": { "name": "nvd-cpe", @@ -31191,7 +31275,7 @@ ] }, { - "bom-ref": "urn:uuid:4c2185db-9793-4c5d-bbdd-95d7b3743ae9", + "bom-ref": "urn:uuid:b3100a51-98e9-4ef3-8510-d3c55d20ba33", "id": "CVE-2023-45288", "source": { "name": "nvd-cpe", @@ -31245,7 +31329,7 @@ ] }, { - "bom-ref": "urn:uuid:c6e69c68-e87a-4443-959f-26c605290435", + "bom-ref": "urn:uuid:634ee559-a609-45b7-8d20-6673bb27e7a5", "id": "CVE-2023-45289", "source": { "name": "nvd-cpe", @@ -31293,7 +31377,7 @@ ] }, { - "bom-ref": "urn:uuid:ba365713-f549-4990-b172-440d261b80a0", + "bom-ref": "urn:uuid:771c24ec-781a-4bc3-9389-f3f68fd1590b", "id": "CVE-2023-45290", "source": { "name": "nvd-cpe", @@ -31341,7 +31425,7 @@ ] }, { - "bom-ref": "urn:uuid:b3e47d27-5cd7-485e-92fa-f104cab07e69", + "bom-ref": "urn:uuid:ecd183a8-ee83-4533-ab8e-1209d6a5f6be", "id": "CVE-2023-45322", "source": { "name": "debian-distro-debian-12", @@ -31374,7 +31458,7 @@ ] }, { - "bom-ref": "urn:uuid:8431613d-a040-41bb-b4e7-329462ef530a", + "bom-ref": "urn:uuid:78e35ac1-9624-4acc-86f4-711367aa4a66", "id": "CVE-2023-45853", "source": { "name": "debian-distro-debian-12", @@ -31407,7 +31491,7 @@ ] }, { - "bom-ref": "urn:uuid:dcb06e21-1665-4017-bfeb-720ced09eac0", + "bom-ref": "urn:uuid:3a24f975-ea19-4de4-b9b2-ce3958d84ae6", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -31440,7 +31524,7 @@ ] }, { - "bom-ref": "urn:uuid:ba568277-6931-467e-9bb5-98275048792e", + "bom-ref": "urn:uuid:513c20b2-a1df-4a2b-9030-e8426d30a9a5", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -31473,7 +31557,7 @@ ] }, { - "bom-ref": "urn:uuid:29803b81-af29-4ae2-91c3-b4158cd0b84b", + "bom-ref": "urn:uuid:82f45866-339e-443b-8e68-23ba05834a33", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -31506,7 +31590,7 @@ ] }, { - "bom-ref": "urn:uuid:bf8bb8f2-80cc-40f6-9b3a-62cb6dd734d6", + "bom-ref": "urn:uuid:5bf57747-0680-4137-b65b-8dd57de397d3", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -31539,7 +31623,7 @@ ] }, { - "bom-ref": "urn:uuid:79abef1f-0742-4b99-a7e2-577da173d757", + "bom-ref": "urn:uuid:af6eeede-bb9f-4ca4-a060-e601ae921de6", "id": "CVE-2023-4641", "source": { "name": "debian-distro-debian-12", @@ -31572,7 +31656,7 @@ ] }, { - "bom-ref": "urn:uuid:8d8f38da-8e09-40b6-b505-bef930ad31fc", + "bom-ref": "urn:uuid:d4a61ca9-af7f-4fc7-8067-61cc16ca6292", "id": "CVE-2023-4641", "source": { "name": "debian-distro-debian-12", @@ -31605,73 +31689,73 @@ ] }, { - "bom-ref": "urn:uuid:68e8f542-b20b-4b57-ae36-1cab63cf96e5", - "id": "CVE-2023-50387", + "bom-ref": "urn:uuid:4cd2f31b-f088-4ef7-8013-2aa3f4024dd4", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50387" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" }, "references": [ { - "id": "CVE-2023-50387", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50387" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } } ], "ratings": [ { - "severity": "high" + "severity": "medium" } ], - "description": "Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.", + "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50387" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } ], "affects": [ { - "ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=b28e3ac301f1527b" } ] }, { - "bom-ref": "urn:uuid:f666f606-37a5-42ea-a528-8361f329043a", - "id": "CVE-2023-50387", + "bom-ref": "urn:uuid:180cb498-1558-45f3-8009-9bb9c45e2b29", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50387" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" }, "references": [ { - "id": "CVE-2023-50387", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50387" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } } ], "ratings": [ { - "severity": "high" + "severity": "medium" } ], - "description": "Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.", + "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50387" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } ], "affects": [ { - "ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b" + "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=16ce3f9a5a6f08b5" } ] }, { - "bom-ref": "urn:uuid:1065cdbd-8080-4a6a-9d48-7b26280ec7c4", + "bom-ref": "urn:uuid:5a0b3d8f-8432-4fbb-9d50-47c9af6bc3be", "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", @@ -31699,12 +31783,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=b28e3ac301f1527b" + "ref": "pkg:deb/debian/ncurses-base@6.4-4?arch=all&upstream=ncurses&distro=debian-12&package-id=8c0c5df11623bec9" } ] }, { - "bom-ref": "urn:uuid:dd30ba69-c130-4f40-81df-e7dc797e0a95", + "bom-ref": "urn:uuid:74a55d38-ed57-4a69-a913-0fb1ff71f7c7", "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", @@ -31732,221 +31816,221 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=16ce3f9a5a6f08b5" + "ref": "pkg:deb/debian/ncurses-bin@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=ddeb6215c71a51d7" } ] }, { - "bom-ref": "urn:uuid:964befc6-8fd7-4bb1-9768-d9d719f14b60", - "id": "CVE-2023-50495", + "bom-ref": "urn:uuid:e03dd86a-72ea-43a8-a9e2-2688db10127b", + "id": "CVE-2023-52425", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" }, "references": [ { - "id": "CVE-2023-50495", + "id": "CVE-2023-52425", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" } } ], "ratings": [ { - "severity": "medium" + "severity": "high" } ], - "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", + "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" } ], "affects": [ { - "ref": "pkg:deb/debian/ncurses-base@6.4-4?arch=all&upstream=ncurses&distro=debian-12&package-id=8c0c5df11623bec9" + "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=647da6a471c14b1e" } ] }, { - "bom-ref": "urn:uuid:631c193d-b9d6-4b32-9c38-cd89deee25f9", - "id": "CVE-2023-50495", + "bom-ref": "urn:uuid:f10543ff-d289-4052-92da-7e60cffa3054", + "id": "CVE-2023-52426", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" }, "references": [ { - "id": "CVE-2023-50495", + "id": "CVE-2023-52426", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" } } ], "ratings": [ { - "severity": "medium" + "severity": "none" } ], - "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", + "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" } ], "affects": [ { - "ref": "pkg:deb/debian/ncurses-bin@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=ddeb6215c71a51d7" + "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=647da6a471c14b1e" } ] }, { - "bom-ref": "urn:uuid:cfb922e6-3cae-4140-bd91-85c138430aa5", - "id": "CVE-2023-50868", + "bom-ref": "urn:uuid:d08a0c40-ffbd-48eb-a511-5521f4573769", + "id": "CVE-2023-7104", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50868" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-7104" }, "references": [ { - "id": "CVE-2023-50868", + "id": "CVE-2023-7104", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50868" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-7104" } } ], "ratings": [ { - "severity": "unknown" + "severity": "high" } ], - "description": "The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.", + "description": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50868" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-7104" } ], "affects": [ { - "ref": "pkg:deb/debian/libsystemd0@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=eec74e7c5122eb22" + "ref": "pkg:deb/debian/libsqlite3-0@3.40.1-2?arch=amd64&upstream=sqlite3&distro=debian-12&package-id=d3ca818e62b6ef39" } ] }, { - "bom-ref": "urn:uuid:c21306e9-2afc-4855-b239-c4b035c42249", - "id": "CVE-2023-50868", + "bom-ref": "urn:uuid:0ea9f020-85f6-46ae-a692-dae8e6a6af29", + "id": "CVE-2024-0232", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50868" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-0232" }, "references": [ { - "id": "CVE-2023-50868", + "id": "CVE-2024-0232", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50868" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-0232" } } ], "ratings": [ { - "severity": "unknown" + "severity": "medium" } ], - "description": "The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.", + "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50868" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-0232" } ], "affects": [ { - "ref": "pkg:deb/debian/libudev1@252.22-1~deb12u1?arch=amd64&upstream=systemd&distro=debian-12&package-id=149f02d90873ce5b" + "ref": "pkg:deb/debian/libsqlite3-0@3.40.1-2?arch=amd64&upstream=sqlite3&distro=debian-12&package-id=d3ca818e62b6ef39" } ] }, { - "bom-ref": "urn:uuid:11acaef8-abd3-4dc0-afa2-498e5dda75d3", - "id": "CVE-2023-52425", + "bom-ref": "urn:uuid:df6738fa-1c64-4868-8229-c858a67ba5a7", + "id": "CVE-2024-2236", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2236" }, "references": [ { - "id": "CVE-2023-52425", + "id": "CVE-2024-2236", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2236" } } ], "ratings": [ { - "severity": "high" + "severity": "medium" } ], - "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2236" } ], "affects": [ { - "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=647da6a471c14b1e" + "ref": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12&package-id=56e66cdbccf3f7eb" } ] }, { - "bom-ref": "urn:uuid:e8fc4e6c-8f7a-49c5-9c28-a0c09c6ec507", - "id": "CVE-2023-52426", + "bom-ref": "urn:uuid:d627eb0d-0de9-41ce-97e1-d922a693d856", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" }, "references": [ { - "id": "CVE-2023-52426", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } } ], "ratings": [ { - "severity": "none" + "severity": "medium" } ], - "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", + "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } ], "affects": [ { - "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=647da6a471c14b1e" + "ref": "pkg:deb/debian/libpam-modules@1.5.2-6%2Bdeb12u1?arch=amd64&upstream=pam&distro=debian-12&package-id=12a018034482fe97" } ] }, { - "bom-ref": "urn:uuid:c07f5d56-dd8a-46f8-a841-3daa7383a225", - "id": "CVE-2023-5678", + "bom-ref": "urn:uuid:19be5bec-73dc-4267-9781-31ed8ce58a4b", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" }, "references": [ { - "id": "CVE-2023-5678", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } } ], @@ -31955,31 +32039,31 @@ "severity": "medium" } ], - "description": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", + "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" + "ref": "pkg:deb/debian/libpam-modules-bin@1.5.2-6%2Bdeb12u1?arch=amd64&upstream=pam&distro=debian-12&package-id=46e088ca1b060624" } ] }, { - "bom-ref": "urn:uuid:72c919df-9da9-4d90-baa8-2537ec8b3576", - "id": "CVE-2023-5678", + "bom-ref": "urn:uuid:cbff00b3-e1d4-4cd5-a950-e74981cb96ca", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" }, "references": [ { - "id": "CVE-2023-5678", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } } ], @@ -31988,31 +32072,31 @@ "severity": "medium" } ], - "description": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", + "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "ref": "pkg:deb/debian/libpam-runtime@1.5.2-6%2Bdeb12u1?arch=all&upstream=pam&distro=debian-12&package-id=2fc0063e7584b704" } ] }, { - "bom-ref": "urn:uuid:28a9050e-9e56-4402-b3b3-cbde79feabd5", - "id": "CVE-2023-5678", + "bom-ref": "urn:uuid:4b83fbbb-b658-4a9e-aaa9-884edd66fd74", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" }, "references": [ { - "id": "CVE-2023-5678", + "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } } ], @@ -32021,746 +32105,86 @@ "severity": "medium" } ], - "description": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", + "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" } ], "affects": [ { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" + "ref": "pkg:deb/debian/libpam0g@1.5.2-6%2Bdeb12u1?arch=amd64&upstream=pam&distro=debian-12&package-id=9e3755175020009e" } ] }, { - "bom-ref": "urn:uuid:c71978fd-46b8-4446-97d5-1723fc40d0fa", - "id": "CVE-2023-6129", + "bom-ref": "urn:uuid:231d59ca-6ad6-4ae1-b88b-8c37a3f27b94", + "id": "CVE-2024-2379", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" }, "references": [ { - "id": "CVE-2023-6129", + "id": "CVE-2024-2379", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" } } ], "ratings": [ { - "severity": "medium" + "severity": "none" } ], - "description": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.", + "description": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" + "ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=004f2529fac224aa" } ] }, { - "bom-ref": "urn:uuid:c8e0f3bb-6212-4214-9dc4-e02bee53cb7a", - "id": "CVE-2023-6129", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" - }, - "references": [ - { - "id": "CVE-2023-6129", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" - } - ] - }, - { - "bom-ref": "urn:uuid:91715e37-bfd4-4645-8037-2f9fed1bccee", - "id": "CVE-2023-6129", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" - }, - "references": [ - { - "id": "CVE-2023-6129", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" - } - ] - }, - { - "bom-ref": "urn:uuid:802aa3a3-beef-4223-9187-12608849f4d5", - "id": "CVE-2023-6237", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - }, - "references": [ - { - "id": "CVE-2023-6237", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" - } - ] - }, - { - "bom-ref": "urn:uuid:f262b934-d190-40d8-9c2a-522f72e8eb9e", - "id": "CVE-2023-6237", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - }, - "references": [ - { - "id": "CVE-2023-6237", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" - } - ] - }, - { - "bom-ref": "urn:uuid:c67c6d7c-92a1-4799-8a9d-73c75be368bd", - "id": "CVE-2023-6237", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - }, - "references": [ - { - "id": "CVE-2023-6237", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" - } - ] - }, - { - "bom-ref": "urn:uuid:ab52401a-5d3e-43a4-8ccd-d6ee5f4ce20e", - "id": "CVE-2023-7104", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-7104" - }, - "references": [ - { - "id": "CVE-2023-7104", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-7104" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-7104" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libsqlite3-0@3.40.1-2?arch=amd64&upstream=sqlite3&distro=debian-12&package-id=d3ca818e62b6ef39" - } - ] - }, - { - "bom-ref": "urn:uuid:74df4e4b-9fd3-4793-a5b6-77e322f2226d", - "id": "CVE-2024-0232", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0232" - }, - "references": [ - { - "id": "CVE-2024-0232", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0232" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0232" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libsqlite3-0@3.40.1-2?arch=amd64&upstream=sqlite3&distro=debian-12&package-id=d3ca818e62b6ef39" - } - ] - }, - { - "bom-ref": "urn:uuid:782a7078-6433-4976-87d6-6b32a17d50be", - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - }, - "references": [ - { - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" - } - ] - }, - { - "bom-ref": "urn:uuid:5863e703-baf7-41a1-8047-0479277ef12b", - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - }, - "references": [ - { - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" - } - ] - }, - { - "bom-ref": "urn:uuid:b24d6b04-2e1d-4aef-bdc8-1eeca5ef3683", - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - }, - "references": [ - { - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" - } - ] - }, - { - "bom-ref": "urn:uuid:8254dba4-5a42-44c4-9524-c8d96376e326", - "id": "CVE-2024-2004", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2004" - }, - "references": [ - { - "id": "CVE-2024-2004", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2004" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2004" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=60eb7e4999f74148" - } - ] - }, - { - "bom-ref": "urn:uuid:d4247dff-2a72-475a-81a4-1f8816bf5eca", - "id": "CVE-2024-2004", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2004" - }, - "references": [ - { - "id": "CVE-2024-2004", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2004" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2004" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u5?arch=amd64&upstream=curl&distro=debian-12&package-id=3425ee7723f69b83" - } - ] - }, - { - "bom-ref": "urn:uuid:6df55242-3557-43f2-924a-a0fca5de285a", - "id": "CVE-2024-2236", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2236" - }, - "references": [ - { - "id": "CVE-2024-2236", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2236" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2236" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12&package-id=56e66cdbccf3f7eb" - } - ] - }, - { - "bom-ref": "urn:uuid:8db57969-87d2-4f29-b3d6-9a9a14aa9deb", - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - }, - "references": [ - { - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpam-modules@1.5.2-6%2Bdeb12u1?arch=amd64&upstream=pam&distro=debian-12&package-id=12a018034482fe97" - } - ] - }, - { - "bom-ref": "urn:uuid:0e2a3635-dd8e-4b32-9808-f29ff4839a99", - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - }, - "references": [ - { - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpam-modules-bin@1.5.2-6%2Bdeb12u1?arch=amd64&upstream=pam&distro=debian-12&package-id=46e088ca1b060624" - } - ] - }, - { - "bom-ref": "urn:uuid:d673206b-6ecc-4218-83b1-56f53105d1ea", - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - }, - "references": [ - { - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpam-runtime@1.5.2-6%2Bdeb12u1?arch=all&upstream=pam&distro=debian-12&package-id=2fc0063e7584b704" - } - ] - }, - { - "bom-ref": "urn:uuid:9a60a39e-05d1-4a10-af87-bbb31a3d0556", - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - }, - "references": [ - { - "id": "CVE-2024-22365", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-22365" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpam0g@1.5.2-6%2Bdeb12u1?arch=amd64&upstream=pam&distro=debian-12&package-id=9e3755175020009e" - } - ] - }, - { - "bom-ref": "urn:uuid:ab538809-5a5c-4e05-82ae-da443d47e3c7", - "id": "CVE-2024-2379", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" - }, - "references": [ - { - "id": "CVE-2024-2379", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" - } - } - ], - "ratings": [ - { - "severity": "none" - } - ], - "description": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=60eb7e4999f74148" - } - ] - }, - { - "bom-ref": "urn:uuid:b0d12a08-67ed-4565-97f5-06212b97f8c1", - "id": "CVE-2024-2379", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" - }, - "references": [ - { - "id": "CVE-2024-2379", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" - } - } - ], - "ratings": [ - { - "severity": "none" - } - ], - "description": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u5?arch=amd64&upstream=curl&distro=debian-12&package-id=3425ee7723f69b83" - } - ] - }, - { - "bom-ref": "urn:uuid:4b83d618-e87b-4ee4-b3df-84aa1ca77d7d", - "id": "CVE-2024-2398", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2398" - }, - "references": [ - { - "id": "CVE-2024-2398", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2398" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2398" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/curl@7.88.1-10%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=60eb7e4999f74148" - } - ] - }, - { - "bom-ref": "urn:uuid:0420dd40-c409-42a1-985c-12ecd56efba9", - "id": "CVE-2024-2398", + "bom-ref": "urn:uuid:fbfcb707-7590-4fdd-80cb-07feb426070f", + "id": "CVE-2024-2379", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2398" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" }, "references": [ { - "id": "CVE-2024-2398", + "id": "CVE-2024-2379", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2398" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" } } ], "ratings": [ { - "severity": "unknown" + "severity": "none" } ], - "description": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.", + "description": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-2398" + "url": "https://security-tracker.debian.org/tracker/CVE-2024-2379" } ], "affects": [ { - "ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u5?arch=amd64&upstream=curl&distro=debian-12&package-id=3425ee7723f69b83" + "ref": "pkg:deb/debian/libcurl4@7.88.1-10%2Bdeb12u6?arch=amd64&upstream=curl&distro=debian-12&package-id=f9f0a840b5701b6c" } ] }, { - "bom-ref": "urn:uuid:780f8420-8dca-4274-b833-1c361ca8ede6", + "bom-ref": "urn:uuid:f890d78d-d60e-49b5-a508-acb70b290416", "id": "CVE-2024-24783", "source": { "name": "nvd-cpe", @@ -32808,7 +32232,7 @@ ] }, { - "bom-ref": "urn:uuid:928dcf3c-bc62-4d87-be78-59d9bd828220", + "bom-ref": "urn:uuid:1820fe2f-1eda-4946-9029-6550561d4c89", "id": "CVE-2024-24784", "source": { "name": "nvd-cpe", @@ -32856,7 +32280,7 @@ ] }, { - "bom-ref": "urn:uuid:9e9752d9-a88a-49b6-9111-0c6d5f04b068", + "bom-ref": "urn:uuid:f76729a9-7526-4a00-b6ee-6abd6df81479", "id": "CVE-2024-24785", "source": { "name": "nvd-cpe", @@ -32904,7 +32328,7 @@ ] }, { - "bom-ref": "urn:uuid:ec829bab-3820-4dbf-9b78-8a84e9203314", + "bom-ref": "urn:uuid:d5046038-5af0-4eec-975f-aa113ce4f4d5", "id": "CVE-2024-24787", "source": { "name": "nvd-cpe", @@ -32921,7 +32345,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 6.4, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "description": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.", @@ -32952,7 +32379,7 @@ ] }, { - "bom-ref": "urn:uuid:3e2f4d18-4b5c-4d07-89f3-e7beac6a176c", + "bom-ref": "urn:uuid:08088593-48ed-47f3-bdcd-ba6b192bd144", "id": "CVE-2024-24789", "source": { "name": "nvd-cpe", @@ -32973,6 +32400,12 @@ "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" + }, + { + "score": 5.3, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "description": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.", @@ -33003,7 +32436,7 @@ ] }, { - "bom-ref": "urn:uuid:cffe4317-e6f7-416a-bd6f-97fabae2623e", + "bom-ref": "urn:uuid:e3110e28-b1df-449a-b55b-625fd7988ddd", "id": "CVE-2024-24790", "source": { "name": "nvd-cpe", @@ -33051,7 +32484,49 @@ ] }, { - "bom-ref": "urn:uuid:e91f734f-61a3-4d1f-9e73-fa5385622174", + "bom-ref": "urn:uuid:81e6a557-7981-418a-bea1-5ff27ac2cd16", + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + }, + "references": [ + { + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "description": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.", + "advisories": [ + { + "url": "https://go.dev/cl/591255" + }, + { + "url": "https://go.dev/issue/67555" + }, + { + "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2963" + } + ], + "affects": [ + { + "ref": "pkg:golang/stdlib@1.19.8?package-id=70d69a89c5ad3244" + } + ] + }, + { + "bom-ref": "urn:uuid:795f5da8-0a11-4de2-9813-a15d1d468ad7", "id": "CVE-2024-25062", "source": { "name": "debian-distro-debian-12", @@ -33084,7 +32559,7 @@ ] }, { - "bom-ref": "urn:uuid:997ef24c-a508-446e-abc3-888a5a7161fd", + "bom-ref": "urn:uuid:5f276f26-7f51-46d0-96de-278b65a3eb24", "id": "CVE-2024-2511", "source": { "name": "debian-distro-debian-12", @@ -33112,12 +32587,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" + "ref": "pkg:deb/debian/libssl-dev@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=1c425c6617d0cc1b" } ] }, { - "bom-ref": "urn:uuid:a2509bd5-09f1-437b-b21e-09dab876eb27", + "bom-ref": "urn:uuid:22b537fd-4f4c-47e8-ae25-a71647ed4171", "id": "CVE-2024-2511", "source": { "name": "debian-distro-debian-12", @@ -33145,12 +32620,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" } ] }, { - "bom-ref": "urn:uuid:4de80c17-4804-4811-8fea-b06be17fbb28", + "bom-ref": "urn:uuid:7bee99e7-151f-4460-b6d8-b738b8f068e0", "id": "CVE-2024-2511", "source": { "name": "debian-distro-debian-12", @@ -33178,12 +32653,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" + "ref": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64&distro=debian-12&package-id=cddd26047eac2a86" } ] }, { - "bom-ref": "urn:uuid:d6726482-dd70-4cc2-b71d-cb52a64721cb", + "bom-ref": "urn:uuid:5f7af832-b230-462b-af59-bb311a93191f", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -33216,7 +32691,7 @@ ] }, { - "bom-ref": "urn:uuid:ec708770-03a0-42e3-a1f9-658ab4b85a06", + "bom-ref": "urn:uuid:215afde3-ff9c-4cfd-b18d-57f349aab3a8", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -33249,7 +32724,7 @@ ] }, { - "bom-ref": "urn:uuid:cab438bb-8273-486d-b465-3ec473460c04", + "bom-ref": "urn:uuid:f5c29d7c-3398-4ca5-b88c-dd862872254f", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -33282,7 +32757,7 @@ ] }, { - "bom-ref": "urn:uuid:43b9c8e6-2f84-4d7c-96a1-26cf7f4c49b5", + "bom-ref": "urn:uuid:f095f42e-9491-4bcf-8f9c-fa9c52b5a792", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -33315,7 +32790,7 @@ ] }, { - "bom-ref": "urn:uuid:db72498c-05f9-4152-b34b-8c3b6dde66c1", + "bom-ref": "urn:uuid:6d60389e-3f15-4362-aacc-845f9cd9baa8", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -33348,7 +32823,7 @@ ] }, { - "bom-ref": "urn:uuid:8de4c747-1fdb-4cce-91b2-d65da19dba4f", + "bom-ref": "urn:uuid:396fd012-e8be-4e6d-a1c4-50f2ac07f440", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -33381,7 +32856,7 @@ ] }, { - "bom-ref": "urn:uuid:e90df885-c30d-452f-ae63-e4e00c522d25", + "bom-ref": "urn:uuid:a2c472c0-fe50-41e4-87e9-1fc99c969544", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -33414,7 +32889,7 @@ ] }, { - "bom-ref": "urn:uuid:1b784b36-90f4-41cb-a621-fcc27f01b3af", + "bom-ref": "urn:uuid:a9b72218-b7e2-4270-8928-a8c3fbc1d6c8", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -33447,7 +32922,7 @@ ] }, { - "bom-ref": "urn:uuid:876c01a4-81e3-4584-82b1-8f3d4c17b491", + "bom-ref": "urn:uuid:e571ba20-56ff-492e-9cfa-0ce000dad66f", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -33480,7 +32955,7 @@ ] }, { - "bom-ref": "urn:uuid:b9f96af0-ebfd-4c18-873e-d69c7ba30e86", + "bom-ref": "urn:uuid:f1561a26-1db1-4cd8-bb9d-3c5d364397f9", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -33513,7 +32988,7 @@ ] }, { - "bom-ref": "urn:uuid:fccd879a-b23d-41b0-b4c9-f97fdfd2f1b0", + "bom-ref": "urn:uuid:218b9091-034f-45fd-87e4-9fee8ea2f46c", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -33546,7 +33021,7 @@ ] }, { - "bom-ref": "urn:uuid:73993ca3-1fbc-4b64-a5c9-6a8b8b4723f7", + "bom-ref": "urn:uuid:de010512-b66f-4b39-947a-3b2c59c6faf0", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -33579,7 +33054,7 @@ ] }, { - "bom-ref": "urn:uuid:720d81bb-4947-4a90-a65e-cfae1e307b3b", + "bom-ref": "urn:uuid:7ee4e509-9d29-4769-bc4f-1ad7ba29f7d3", "id": "CVE-2024-28182", "source": { "name": "debian-distro-debian-12", @@ -33612,7 +33087,7 @@ ] }, { - "bom-ref": "urn:uuid:a5f7b7f3-17dd-44d5-aaf7-d32a40eac0bc", + "bom-ref": "urn:uuid:1fd648f5-4195-446c-9ae3-ffc2a2ebaf62", "id": "CVE-2024-28757", "source": { "name": "debian-distro-debian-12", @@ -33645,73 +33120,7 @@ ] }, { - "bom-ref": "urn:uuid:72778323-79a8-4fc5-a9ba-57efee51e127", - "id": "CVE-2024-28834", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-28834" - }, - "references": [ - { - "id": "CVE-2024-28834", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-28834" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-28834" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab" - } - ] - }, - { - "bom-ref": "urn:uuid:a0786b33-256c-4916-a18b-a6b8e62b0e08", - "id": "CVE-2024-28835", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-28835" - }, - "references": [ - { - "id": "CVE-2024-28835", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-28835" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-28835" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libgnutls30@3.7.9-2%2Bdeb12u2?arch=amd64&upstream=gnutls28&distro=debian-12&package-id=1de6e19dee40b0ab" - } - ] - }, - { - "bom-ref": "urn:uuid:824bba03-5d8e-4aa2-a55c-5d47a2f83dd1", + "bom-ref": "urn:uuid:91735a12-7625-43bd-8bc9-d5dc60b8e2c2", "id": "CVE-2024-34459", "source": { "name": "debian-distro-debian-12", @@ -33744,7 +33153,7 @@ ] }, { - "bom-ref": "urn:uuid:673df149-f8f9-4c3a-809e-c96651ad087e", + "bom-ref": "urn:uuid:4c6a2114-c1aa-4ca9-9b1f-9698c8cc0120", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -33764,6 +33173,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -33776,7 +33186,7 @@ ] }, { - "bom-ref": "urn:uuid:c83f5d16-c3ea-4285-adfb-5dca25aa443e", + "bom-ref": "urn:uuid:efda39ca-47c0-41b7-b52f-7897cb9e3e1a", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -33796,6 +33206,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -33808,7 +33219,7 @@ ] }, { - "bom-ref": "urn:uuid:5a939ffb-7bf6-4f56-8ae0-80374e9e42cb", + "bom-ref": "urn:uuid:1215c0c3-78f2-44f6-a1ed-ee23ba19d84d", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -33828,6 +33239,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -33840,7 +33252,7 @@ ] }, { - "bom-ref": "urn:uuid:308b497e-edc9-4cab-a8f0-f8d9e204e2dc", + "bom-ref": "urn:uuid:b049ba51-628d-4873-994d-d980b19b5fa8", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -33860,6 +33272,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -33872,7 +33285,7 @@ ] }, { - "bom-ref": "urn:uuid:fa1f6c71-37d2-4e47-a0d8-58090fb03b5b", + "bom-ref": "urn:uuid:9d76db6c-2786-4638-a6aa-ef79a938dbce", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -33892,6 +33305,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -33904,7 +33318,7 @@ ] }, { - "bom-ref": "urn:uuid:e6ea824e-3a31-42d8-ba5b-17256a7d9e30", + "bom-ref": "urn:uuid:72ed84cc-2db0-42fb-a461-aaa72cec6e16", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -33924,6 +33338,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -33936,7 +33351,7 @@ ] }, { - "bom-ref": "urn:uuid:6e01c0bd-3627-4521-ac6a-9019ee777435", + "bom-ref": "urn:uuid:450f9361-e15b-4dde-afe4-20cb7a3bc8bd", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -33956,6 +33371,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -33968,7 +33384,7 @@ ] }, { - "bom-ref": "urn:uuid:4899f2ac-c17f-4dcf-91a4-587d99b3175d", + "bom-ref": "urn:uuid:c2bfec3b-039e-460c-876a-8a1d78500ec6", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -33988,6 +33404,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -34000,7 +33417,7 @@ ] }, { - "bom-ref": "urn:uuid:c81b609b-3d54-49bd-b604-feb067ff347d", + "bom-ref": "urn:uuid:4015f73f-0c37-4fcd-a39b-31dde92c9e47", "id": "CVE-2024-4030", "source": { "name": "nvd-cpe", @@ -34017,7 +33434,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 7.1, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "description": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix “700” for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.\n", @@ -34067,12 +33487,12 @@ ], "affects": [ { - "ref": "pkg:generic/python@3.11.9?package-id=f05400c986d3d1b5" + "ref": "pkg:generic/python@3.11.9?package-id=c31c14f1edce3c84" } ] }, { - "bom-ref": "urn:uuid:2e03df0e-4693-45fb-8f4f-ff30195777e5", + "bom-ref": "urn:uuid:2c76ad3c-6963-42e2-9a58-a336b57ce35b", "id": "CVE-2024-4032", "source": { "name": "nvd-cpe", @@ -34133,12 +33553,12 @@ ], "affects": [ { - "ref": "pkg:generic/python@3.11.9?package-id=f05400c986d3d1b5" + "ref": "pkg:generic/python@3.11.9?package-id=c31c14f1edce3c84" } ] }, { - "bom-ref": "urn:uuid:760928de-a5a7-43cf-beab-51ba81d3be98", + "bom-ref": "urn:uuid:bdfe0ce9-515a-4bc8-a339-892e5984ed83", "id": "CVE-2024-4317", "source": { "name": "debian-distro-debian-12", @@ -34166,12 +33586,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpq5@15.6-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12&package-id=b91f13e24096c1ff" + "ref": "pkg:deb/debian/libpq5@15.7-0%2Bdeb12u1?arch=amd64&upstream=postgresql-15&distro=debian-12&package-id=67555d5d1cc5af29" } ] }, { - "bom-ref": "urn:uuid:aa53b8a8-66a5-433d-87cf-337610d0ef22", + "bom-ref": "urn:uuid:54637c98-0368-4aa4-a82c-ad2f8afc7c14", "id": "CVE-2024-4603", "source": { "name": "debian-distro-debian-12", @@ -34199,12 +33619,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" + "ref": "pkg:deb/debian/libssl-dev@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=1c425c6617d0cc1b" } ] }, { - "bom-ref": "urn:uuid:9d817103-12e7-4d4b-9110-6a471d4da51e", + "bom-ref": "urn:uuid:b3f812ae-fd66-44b8-b473-5ce1c7a986f8", "id": "CVE-2024-4603", "source": { "name": "debian-distro-debian-12", @@ -34232,12 +33652,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" } ] }, { - "bom-ref": "urn:uuid:bd251f95-1220-4c4b-ba82-b8f73670766a", + "bom-ref": "urn:uuid:613ec7b9-5e23-49d6-9b12-a76f56f49799", "id": "CVE-2024-4603", "source": { "name": "debian-distro-debian-12", @@ -34265,12 +33685,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" + "ref": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64&distro=debian-12&package-id=cddd26047eac2a86" } ] }, { - "bom-ref": "urn:uuid:74a59b93-8620-4d99-ba53-9a3d35c6f388", + "bom-ref": "urn:uuid:c1016581-cec4-4391-9ac3-ab40f58ccb70", "id": "CVE-2024-4741", "source": { "name": "debian-distro-debian-12", @@ -34297,12 +33717,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" + "ref": "pkg:deb/debian/libssl-dev@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=1c425c6617d0cc1b" } ] }, { - "bom-ref": "urn:uuid:1c9cc13d-d5b7-44a7-ad87-81d2ed59e5e6", + "bom-ref": "urn:uuid:8e411252-92ef-4dcf-89e1-bfc39fa63d2c", "id": "CVE-2024-4741", "source": { "name": "debian-distro-debian-12", @@ -34329,12 +33749,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" } ] }, { - "bom-ref": "urn:uuid:f8d18d7a-6941-4c32-80ac-6a76c9e5ebf3", + "bom-ref": "urn:uuid:050fd911-2871-4550-bd9d-ba97030f48cc", "id": "CVE-2024-4741", "source": { "name": "debian-distro-debian-12", @@ -34361,12 +33781,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" + "ref": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64&distro=debian-12&package-id=cddd26047eac2a86" } ] }, { - "bom-ref": "urn:uuid:b603eab4-2166-416a-ae08-9486f7aa01c5", + "bom-ref": "urn:uuid:002990ea-c6ac-4dc2-a890-c9d325797f63", "id": "CVE-2024-5535", "source": { "name": "debian-distro-debian-12", @@ -34383,9 +33803,10 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "critical" } ], + "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-5535" @@ -34393,12 +33814,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl-dev@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=d3dce58d6f1dd89b" + "ref": "pkg:deb/debian/libssl-dev@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=1c425c6617d0cc1b" } ] }, { - "bom-ref": "urn:uuid:8fe91560-cdab-4e87-82a6-e81f01f0e781", + "bom-ref": "urn:uuid:6f62dc38-8fa2-47c5-aa87-341c3ec1161c", "id": "CVE-2024-5535", "source": { "name": "debian-distro-debian-12", @@ -34415,9 +33836,10 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "critical" } ], + "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-5535" @@ -34425,12 +33847,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=f4f6c7a5773f97fe" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=a1bc152826a84c57" } ] }, { - "bom-ref": "urn:uuid:86a27787-323b-4c18-9218-04e2bf3f3136", + "bom-ref": "urn:uuid:5318c6f5-a395-4f19-8dd8-712f74e50418", "id": "CVE-2024-5535", "source": { "name": "debian-distro-debian-12", @@ -34447,9 +33869,10 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "critical" } ], + "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-5535" @@ -34457,223 +33880,7 @@ ], "affects": [ { - "ref": "pkg:deb/debian/openssl@3.0.11-1~deb12u2?arch=amd64&distro=debian-12&package-id=0919462d0d876880" - } - ] - }, - { - "bom-ref": "urn:uuid:1818d3b6-ab9f-42c9-9daf-15e759ca9c87", - "id": "GHSA-34jh-p97f-mpxf", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-34jh-p97f-mpxf" - }, - "references": [ - { - "id": "GHSA-34jh-p97f-mpxf", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-34jh-p97f-mpxf" - } - } - ], - "ratings": [ - { - "score": 4.4, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N" - } - ], - "description": "urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects ", - "advisories": [ - { - "url": "https://github.com/advisories/GHSA-34jh-p97f-mpxf" - } - ], - "affects": [ - { - "ref": "pkg:pypi/urllib3@2.0.7?package-id=abd4cee8fb857ec6" - } - ] - }, - { - "bom-ref": "urn:uuid:3fb38454-d002-4af2-834f-7c476d494101", - "id": "GHSA-5357-c2jx-v7qh", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-5357-c2jx-v7qh" - }, - "references": [ - { - "id": "GHSA-5357-c2jx-v7qh", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-5357-c2jx-v7qh" - } - } - ], - "ratings": [ - { - "score": 7.4, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" - } - ], - "description": "Authlib has algorithm confusion with asymmetric public keys", - "advisories": [ - { - "url": "https://github.com/advisories/GHSA-5357-c2jx-v7qh" - } - ], - "affects": [ - { - "ref": "pkg:pypi/authlib@1.3.0?package-id=e6bc97b6a00065d3" - } - ] - }, - { - "bom-ref": "urn:uuid:ae1cf03f-dc67-4ac8-9d49-f91c419eeb51", - "id": "GHSA-753j-mpmx-qq6g", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-753j-mpmx-qq6g" - }, - "references": [ - { - "id": "GHSA-753j-mpmx-qq6g", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-753j-mpmx-qq6g" - } - } - ], - "ratings": [ - { - "score": 5.3, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" - } - ], - "description": "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado", - "advisories": [ - { - "url": "https://github.com/advisories/GHSA-753j-mpmx-qq6g" - } - ], - "affects": [ - { - "ref": "pkg:pypi/tornado@6.4?package-id=7b272900ad605ca6" - } - ] - }, - { - "bom-ref": "urn:uuid:edfd05aa-af7c-4816-b965-a15e476313b7", - "id": "GHSA-9wx4-h78v-vm56", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-9wx4-h78v-vm56" - }, - "references": [ - { - "id": "GHSA-9wx4-h78v-vm56", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-9wx4-h78v-vm56" - } - } - ], - "ratings": [ - { - "score": 5.6, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N" - } - ], - "description": "Requests `Session` object does not verify requests after making first request with verify=False", - "advisories": [ - { - "url": "https://github.com/advisories/GHSA-9wx4-h78v-vm56" - } - ], - "affects": [ - { - "ref": "pkg:pypi/requests@2.31.0?package-id=4c2f455bc9f27f0d" - } - ] - }, - { - "bom-ref": "urn:uuid:a2dfcbe6-0333-46f3-98e7-cc4687d266ed", - "id": "GHSA-h75v-3vvj-5mfj", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-h75v-3vvj-5mfj" - }, - "references": [ - { - "id": "GHSA-h75v-3vvj-5mfj", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-h75v-3vvj-5mfj" - } - } - ], - "ratings": [ - { - "score": 5.4, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" - } - ], - "description": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter", - "advisories": [ - { - "url": "https://github.com/advisories/GHSA-h75v-3vvj-5mfj" - } - ], - "affects": [ - { - "ref": "pkg:pypi/jinja2@3.1.3?package-id=bbdafdfe43732f6f" - } - ] - }, - { - "bom-ref": "urn:uuid:769ad82e-e90b-41df-bdd4-c9605389a05e", - "id": "GHSA-w235-7p84-xx57", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-w235-7p84-xx57" - }, - "references": [ - { - "id": "GHSA-w235-7p84-xx57", - "source": { - "name": "github-language-python", - "url": "https://github.com/advisories/GHSA-w235-7p84-xx57" - } - } - ], - "ratings": [ - { - "score": 6.5, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" - } - ], - "description": "Tornado has a CRLF injection in CurlAsyncHTTPClient headers", - "advisories": [ - { - "url": "https://github.com/advisories/GHSA-w235-7p84-xx57" - } - ], - "affects": [ - { - "ref": "pkg:pypi/tornado@6.4?package-id=7b272900ad605ca6" + "ref": "pkg:deb/debian/openssl@3.0.13-1~deb12u1?arch=amd64&distro=debian-12&package-id=cddd26047eac2a86" } ] } diff --git a/sboms/docker.io_vectorim_element-web:v1.11.68.json b/sboms/docker.io_vectorim_element-web:v1.11.69.json similarity index 93% rename from sboms/docker.io_vectorim_element-web:v1.11.68.json rename to sboms/docker.io_vectorim_element-web:v1.11.69.json index 4182f89..05200d9 100644 --- a/sboms/docker.io_vectorim_element-web:v1.11.68.json +++ b/sboms/docker.io_vectorim_element-web:v1.11.69.json @@ -1,26 +1,26 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:aafb77cd-ee58-4094-837d-7ebe95ba49e0", + "specVersion": "1.6", + "serialNumber": "urn:uuid:778bcddc-91b2-420b-8b46-5d9026bfd588", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:54:04Z", + "timestamp": "2024-07-05T11:45:34Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "8649d1ec4b5d6ffe", + "bom-ref": "a71d8125a95c86c1", "type": "container", - "name": "docker.io/vectorim/element-web:v1.11.68", - "version": "v1.11.68" + "name": "docker.io/vectorim/element-web:v1.11.69", + "version": "v1.11.69" }, "properties": [ { @@ -29,7 +29,7 @@ }, { "name": "syft:image:labels:org.opencontainers.image.created", - "value": "2024-06-04T13:37:48.016Z" + "value": "2024-06-18T12:22:07.011Z" }, { "name": "syft:image:labels:org.opencontainers.image.description", @@ -41,7 +41,7 @@ }, { "name": "syft:image:labels:org.opencontainers.image.revision", - "value": "30f964447fe6c27954f68c0f934ab30023f04675" + "value": "fa1d2c7dfb94d5599378453f2c458dcc56b6df88" }, { "name": "syft:image:labels:org.opencontainers.image.source", @@ -57,7 +57,7 @@ }, { "name": "syft:image:labels:org.opencontainers.image.version", - "value": "v1.11.68" + "value": "v1.11.69" } ] }, @@ -1920,7 +1920,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:d90f5134-c611-43be-9178-4ef01bbe2c79", + "bom-ref": "urn:uuid:d05944ac-6b2a-4efb-8d42-9e947b5959a2", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.19", @@ -1952,7 +1952,7 @@ ] }, { - "bom-ref": "urn:uuid:065b2d16-daf0-4f9e-9c7a-4f5db187992e", + "bom-ref": "urn:uuid:d9bfd89a-08f7-48c7-b635-7feb08197534", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.19", @@ -1984,7 +1984,7 @@ ] }, { - "bom-ref": "urn:uuid:d4f4cb4a-ca87-4bb1-88c7-17382f3ed54c", + "bom-ref": "urn:uuid:acad80ed-21fb-40ef-997b-15c3dd658a3c", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.19", @@ -2016,7 +2016,7 @@ ] }, { - "bom-ref": "urn:uuid:dfa12c17-b1d7-453f-b0d3-06e7e50dfcc2", + "bom-ref": "urn:uuid:ba8b9f4d-250d-4d9a-b2a9-916958f5f735", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.19", @@ -2048,7 +2048,7 @@ ] }, { - "bom-ref": "urn:uuid:7861876d-efec-4e82-8619-50306e3b78a6", + "bom-ref": "urn:uuid:e800b1ca-855d-4cd5-b7a7-5f7f3b26ac48", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.19", @@ -2080,7 +2080,7 @@ ] }, { - "bom-ref": "urn:uuid:53fdbf90-c7ba-4f5f-9d87-b83ab5650ac6", + "bom-ref": "urn:uuid:ad1f38ab-ec09-4663-b77d-a90ea40adb7d", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.19", @@ -2112,7 +2112,7 @@ ] }, { - "bom-ref": "urn:uuid:53df39a6-7540-4971-b381-926dd1b431aa", + "bom-ref": "urn:uuid:11b6108f-3c7c-4de9-8df9-7efc94fb7da5", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.19", @@ -2144,7 +2144,7 @@ ] }, { - "bom-ref": "urn:uuid:731cfeaf-edfb-410d-bace-9151fb19b492", + "bom-ref": "urn:uuid:197847ca-4073-4089-ab17-dac4a7487a61", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.19", @@ -2176,7 +2176,7 @@ ] }, { - "bom-ref": "urn:uuid:72e29774-6ee8-4ff1-a26b-d83cb8082952", + "bom-ref": "urn:uuid:c3827e71-29e8-4626-a69b-1b37890a9388", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.19", @@ -2208,7 +2208,7 @@ ] }, { - "bom-ref": "urn:uuid:53ed48d6-37dd-4cdb-8054-cf07a2c437d6", + "bom-ref": "urn:uuid:01be8cf5-11da-4213-952f-0655a2466eb7", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.19", @@ -2240,7 +2240,7 @@ ] }, { - "bom-ref": "urn:uuid:1dede598-2627-47be-993b-ab55e6fd932b", + "bom-ref": "urn:uuid:7b473dea-c2ea-4669-834a-0c33977ef18c", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.19", @@ -2272,7 +2272,7 @@ ] }, { - "bom-ref": "urn:uuid:c2528c78-6c55-4a7c-9fa7-0c1d5a7a59fe", + "bom-ref": "urn:uuid:8bbc230e-a1a9-4a97-b14d-999e070383ae", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.19", @@ -2302,6 +2302,134 @@ "ref": "pkg:apk/alpine/ssl_client@1.36.1-r15?arch=x86_64&upstream=busybox&distro=alpine-3.19.1&package-id=17de13f9e782bd29" } ] + }, + { + "bom-ref": "urn:uuid:3e90d024-3d4a-49c5-8ed7-0b97f87a54b7", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.5-r0?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=48aded0ae4ac61b3" + } + ] + }, + { + "bom-ref": "urn:uuid:b4945345-d083-465d-9565-442ac7228102", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.1.5-r0?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=ebfcfa317a422e97" + } + ] + }, + { + "bom-ref": "urn:uuid:2ed9f0ec-2f68-451f-8bc7-932e58343d3d", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.5-r0?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=48aded0ae4ac61b3" + } + ] + }, + { + "bom-ref": "urn:uuid:de71e953-3307-47d1-bd9e-1c5e0a38a5e6", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.1.5-r0?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=ebfcfa317a422e97" + } + ] } ] } diff --git a/sboms/docker.io_vectorim_ess-core-operator-conversion-webhook:2.18.6.json b/sboms/docker.io_vectorim_ess-core-operator-conversion-webhook:2.19.0.json similarity index 85% rename from sboms/docker.io_vectorim_ess-core-operator-conversion-webhook:2.18.6.json rename to sboms/docker.io_vectorim_ess-core-operator-conversion-webhook:2.19.0.json index b1c3267..229941e 100644 --- a/sboms/docker.io_vectorim_ess-core-operator-conversion-webhook:2.18.6.json +++ b/sboms/docker.io_vectorim_ess-core-operator-conversion-webhook:2.19.0.json @@ -1,26 +1,26 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:8553e2e5-da1e-40a5-8959-6c94ce8bc96a", + "specVersion": "1.6", + "serialNumber": "urn:uuid:cc860fa7-c0f4-4b6a-86f6-146ea051f6c0", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:59:28Z", + "timestamp": "2024-07-05T12:07:41Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "c203943d592602e9", + "bom-ref": "9c639cf4fcd8bf13", "type": "container", - "name": "docker.io/vectorim/ess-core-operator-conversion-webhook:2.18.6@sha256:4936cafc982fba71acc3cdd47e99a371004c27126191c317e288f996bdc6d41c", - "version": "sha256:4936cafc982fba71acc3cdd47e99a371004c27126191c317e288f996bdc6d41c" + "name": "docker.io/vectorim/ess-core-operator-conversion-webhook:2.19.0@sha256:9ed85dd222dcb886d4677371c4c35371ca0bf09bc46d17c552810b3203a871e3", + "version": "sha256:9ed85dd222dcb886d4677371c4c35371ca0bf09bc46d17c552810b3203a871e3" }, "properties": [ { @@ -31,11 +31,11 @@ }, "components": [ { - "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=854ccee33785ad46", + "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=61199aa239b084c0", "type": "library", "publisher": "Santiago Vila ", "name": "base-files", - "version": "12.4+deb12u5", + "version": "12.4+deb12u6", "licenses": [ { "license": { @@ -43,8 +43,8 @@ } } ], - "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12", + "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -60,27 +60,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:0:path", @@ -88,7 +88,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:1:path", @@ -96,7 +96,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:2:path", @@ -109,7 +109,7 @@ ] }, { - "bom-ref": "pkg:golang/command-line-arguments@(devel)?package-id=b74fa1301f043268", + "bom-ref": "pkg:golang/command-line-arguments@(devel)?package-id=4174acb63a7bb646", "type": "library", "name": "command-line-arguments", "version": "(devel)", @@ -133,7 +133,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -145,7 +145,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -158,7 +158,7 @@ ] }, { - "bom-ref": "pkg:golang/element.io/conversion-webhook@(devel)?package-id=4b1ce2c22ef41ecb", + "bom-ref": "pkg:golang/element.io/conversion-webhook@(devel)?package-id=88ab5d1c8c140d36", "type": "library", "name": "element.io/conversion-webhook", "version": "(devel)", @@ -182,7 +182,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -194,7 +194,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -207,7 +207,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=fa5c1f779071ab1d", + "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=8a99b9e71ad7164b", "type": "library", "name": "github.com/davecgh/go-spew", "version": "v1.1.1", @@ -236,7 +236,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -248,7 +248,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -265,7 +265,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.9.0?package-id=ba1f1c9caaa7f9a1#v3", + "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.9.0?package-id=728bf5326b69b861#v3", "type": "library", "name": "github.com/emicklei/go-restful/v3", "version": "v3.9.0", @@ -294,7 +294,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -306,7 +306,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -323,7 +323,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.2.4?package-id=dee55c761f23a544", + "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.2.4?package-id=3846a049cb88b4c6", "type": "library", "name": "github.com/go-logr/logr", "version": "v1.2.4", @@ -356,7 +356,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -368,7 +368,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -385,7 +385,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=bc8ba8d136fae4aa", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=978f4b1a7be33f9d", "type": "library", "name": "github.com/go-openapi/jsonpointer", "version": "v0.19.6", @@ -418,7 +418,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -430,7 +430,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -447,7 +447,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=09ae0a3965838ab9", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=1ce363815d685dc3", "type": "library", "name": "github.com/go-openapi/jsonreference", "version": "v0.20.2", @@ -480,7 +480,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -492,7 +492,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -509,7 +509,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=b029c0d82fc1ea8b", + "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=406c3205666ea61c", "type": "library", "name": "github.com/go-openapi/swag", "version": "v0.22.3", @@ -542,7 +542,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -554,7 +554,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -571,7 +571,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=7fdb47937adc84f2", + "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=051e75e03536e924", "type": "library", "name": "github.com/gogo/protobuf", "version": "v1.3.2", @@ -596,7 +596,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -608,7 +608,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -625,7 +625,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=32db018d4061cda0", + "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=b08d098205905880", "type": "library", "name": "github.com/golang/protobuf", "version": "v1.5.3", @@ -650,7 +650,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -662,7 +662,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -679,7 +679,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=afa9c88637ce6a36", + "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=19d6585db2026a9d", "type": "library", "name": "github.com/google/gnostic-models", "version": "v0.6.8", @@ -708,7 +708,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -720,7 +720,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -737,7 +737,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.5.9?package-id=e60e375f9a1d0db7", + "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.5.9?package-id=4ce487588bbcebb5", "type": "library", "name": "github.com/google/go-cmp", "version": "v0.5.9", @@ -766,7 +766,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -778,7 +778,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -795,7 +795,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=79c7fa643a05ce00", + "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=c27efff79b965ce6", "type": "library", "name": "github.com/google/gofuzz", "version": "v1.2.0", @@ -820,7 +820,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -832,7 +832,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -849,7 +849,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/uuid@v1.3.0?package-id=93cabcce4c0cdcf7", + "bom-ref": "pkg:golang/github.com/google/uuid@v1.3.0?package-id=7ae2d23439c514b7", "type": "library", "name": "github.com/google/uuid", "version": "v1.3.0", @@ -874,7 +874,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -886,7 +886,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -903,7 +903,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=77217bbaa863660f", + "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=d6f22c66ce5ed74b", "type": "library", "name": "github.com/josharian/intern", "version": "v1.0.0", @@ -928,7 +928,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -940,7 +940,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -957,7 +957,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=6459eee723ea63d0", + "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=8a2bdfcf3b0728f5", "type": "library", "name": "github.com/json-iterator/go", "version": "v1.1.12", @@ -990,7 +990,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1002,7 +1002,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1019,7 +1019,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=fc3e1dc6c87dfeb5", + "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=06de5d2b4a776f06", "type": "library", "name": "github.com/mailru/easyjson", "version": "v0.7.7", @@ -1044,7 +1044,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1056,7 +1056,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1073,7 +1073,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=5040b2e30327e974", + "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=165e3582195900f6", "type": "library", "name": "github.com/modern-go/concurrent", "version": "v0.0.0-20180306012644-bacd9c7ef1dd", @@ -1106,7 +1106,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1118,7 +1118,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1135,7 +1135,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=2de08a81eac24afb", + "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=8a10d7e202c2e37d", "type": "library", "name": "github.com/modern-go/reflect2", "version": "v1.0.2", @@ -1168,7 +1168,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1180,7 +1180,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1197,7 +1197,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=e1366a931f0f2084", + "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=a0193002c990cc91", "type": "library", "name": "github.com/munnerz/goautoneg", "version": "v0.0.0-20191010083416-a7dc8b61c822", @@ -1222,7 +1222,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1234,7 +1234,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1251,7 +1251,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.7.0?package-id=26f4acc7a7a2d248", + "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.7.0?package-id=fba62855b80a7997", "type": "library", "name": "github.com/spf13/cobra", "version": "v1.7.0", @@ -1276,7 +1276,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1288,7 +1288,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1305,7 +1305,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=12cfc690dcc153df", + "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=044210eb72037bbb", "type": "library", "name": "github.com/spf13/pflag", "version": "v1.0.5", @@ -1330,7 +1330,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1342,7 +1342,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1359,7 +1359,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=184f41c87b5f4140", + "bom-ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=172682ed9da5cfc1", "type": "library", "name": "golang.org/x/net", "version": "v0.17.0", @@ -1384,7 +1384,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1396,7 +1396,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1413,7 +1413,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.8.0?package-id=d252c36980d28ce1", + "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.8.0?package-id=d1c814a81c4bff8b", "type": "library", "name": "golang.org/x/oauth2", "version": "v0.8.0", @@ -1438,7 +1438,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1450,7 +1450,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1467,7 +1467,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.13.0?package-id=e83e1555fa2474b4", + "bom-ref": "pkg:golang/golang.org/x/sys@v0.13.0?package-id=1da4ac5e06a1c483", "type": "library", "name": "golang.org/x/sys", "version": "v0.13.0", @@ -1492,7 +1492,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1504,7 +1504,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1521,7 +1521,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/term@v0.13.0?package-id=4c1abc1476f3ae86", + "bom-ref": "pkg:golang/golang.org/x/term@v0.13.0?package-id=145051a3a0242595", "type": "library", "name": "golang.org/x/term", "version": "v0.13.0", @@ -1546,7 +1546,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1558,7 +1558,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1575,7 +1575,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/text@v0.13.0?package-id=1c326286f814f028", + "bom-ref": "pkg:golang/golang.org/x/text@v0.13.0?package-id=815966c4ee4e7e8e", "type": "library", "name": "golang.org/x/text", "version": "v0.13.0", @@ -1600,7 +1600,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1612,7 +1612,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1629,7 +1629,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/time@v0.3.0?package-id=fd2309d20c5d5c2f", + "bom-ref": "pkg:golang/golang.org/x/time@v0.3.0?package-id=971a45cce76af353", "type": "library", "name": "golang.org/x/time", "version": "v0.3.0", @@ -1654,7 +1654,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1666,7 +1666,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1683,7 +1683,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=af5d4ca034475bc2", + "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=e2a287f9c8247926", "type": "library", "name": "google.golang.org/protobuf", "version": "v1.30.0", @@ -1708,7 +1708,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1720,7 +1720,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1737,7 +1737,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=f5bbaf123d08f5e7", + "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=59b64cb71bacc2f3", "type": "library", "name": "gopkg.in/inf.v0", "version": "v0.9.1", @@ -1761,7 +1761,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1773,7 +1773,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1790,7 +1790,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=6689640c6df7d600", + "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=b6896eb38c75f887", "type": "library", "name": "gopkg.in/yaml.v2", "version": "v2.4.0", @@ -1814,7 +1814,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1826,7 +1826,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1843,7 +1843,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=3ca4d3af38c404fd", + "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=a0927f901869b9fb", "type": "library", "name": "gopkg.in/yaml.v3", "version": "v3.0.1", @@ -1868,7 +1868,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1880,7 +1880,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1897,7 +1897,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/api@v0.28.3?package-id=df789aefea0eb43c", + "bom-ref": "pkg:golang/k8s.io/api@v0.28.3?package-id=473d7e7e78448944", "type": "library", "name": "k8s.io/api", "version": "v0.28.3", @@ -1921,7 +1921,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1933,7 +1933,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1950,7 +1950,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.3?package-id=c5d4e9b997b01b4d", + "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.3?package-id=ca51d2ac0dfbda3e", "type": "library", "name": "k8s.io/apiextensions-apiserver", "version": "v0.28.3", @@ -1974,7 +1974,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -1986,7 +1986,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2003,7 +2003,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.3?package-id=378c52edad8d8b07", + "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.3?package-id=82c68d4f4f2f27e8", "type": "library", "name": "k8s.io/apimachinery", "version": "v0.28.3", @@ -2027,7 +2027,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2039,7 +2039,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2056,7 +2056,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.3?package-id=e97aaa4eec507e60", + "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.3?package-id=a31c6de51e0e5673", "type": "library", "name": "k8s.io/client-go", "version": "v0.28.3", @@ -2080,7 +2080,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2092,7 +2092,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2109,7 +2109,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/klog@v1.0.0?package-id=ba9212ddb8575c66", + "bom-ref": "pkg:golang/k8s.io/klog@v1.0.0?package-id=1c404a6e7b0e5fb4", "type": "library", "name": "k8s.io/klog", "version": "v1.0.0", @@ -2133,7 +2133,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2145,7 +2145,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2162,7 +2162,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=24704a64f54f6c56", + "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=c755157f1b97c18c", "type": "library", "name": "k8s.io/klog/v2", "version": "v2.100.1", @@ -2187,7 +2187,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2199,7 +2199,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2216,7 +2216,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=1acaf3e7a7182c7a", + "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=d7e794af7fdea772", "type": "library", "name": "k8s.io/kube-openapi", "version": "v0.0.0-20230717233707-2695361300d9", @@ -2240,7 +2240,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2252,7 +2252,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2269,7 +2269,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20230406110748-d93618cff8a2?package-id=f3406e1b871d0bd5", + "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20230406110748-d93618cff8a2?package-id=537c88bfbe32e49f", "type": "library", "name": "k8s.io/utils", "version": "v0.0.0-20230406110748-d93618cff8a2", @@ -2293,7 +2293,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2305,7 +2305,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2380,7 +2380,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=07b6acffcbae3bfa", + "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=ae75d75944b68e1b", "type": "library", "name": "sigs.k8s.io/json", "version": "v0.0.0-20221116044647-bc3834ca7abd", @@ -2404,7 +2404,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2416,7 +2416,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2433,7 +2433,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=6791804e2dd75ce5", + "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=8afad73138d314df", "type": "library", "name": "sigs.k8s.io/structured-merge-diff/v4", "version": "v4.2.3", @@ -2474,7 +2474,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2486,7 +2486,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2503,7 +2503,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=d76a6399e4f0d93b", + "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=f84e254ba2f9fcdb", "type": "library", "name": "sigs.k8s.io/yaml", "version": "v1.3.0", @@ -2527,7 +2527,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2539,7 +2539,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2556,10 +2556,10 @@ ] }, { - "bom-ref": "pkg:golang/stdlib@1.21.11?package-id=b78446cd8972cf78", + "bom-ref": "pkg:golang/stdlib@1.21.12?package-id=93110a46168a372e", "type": "library", "name": "stdlib", - "version": "go1.21.11", + "version": "go1.21.12", "licenses": [ { "license": { @@ -2567,8 +2567,8 @@ } } ], - "cpe": "cpe:2.3:a:golang:go:1.21.11:-:*:*:*:*:*:*", - "purl": "pkg:golang/stdlib@1.21.11", + "cpe": "cpe:2.3:a:golang:go:1.21.12:-:*:*:*:*:*:*", + "purl": "pkg:golang/stdlib@1.21.12", "properties": [ { "name": "syft:package:language", @@ -2584,7 +2584,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:55a5319a84838407bc680611c4038de6dc5e50635287d94d83bfdd7feb12240c" + "value": "sha256:e3ebc4822213f899fb779081dd24611e9877db1fe8e4b02dae4b95a2724d55ab" }, { "name": "syft:location:0:path", @@ -2592,7 +2592,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" } ] }, @@ -2696,9 +2696,59 @@ ] } ], + "dependencies": [ + { + "ref": "pkg:golang/command-line-arguments@(devel)?package-id=4174acb63a7bb646", + "dependsOn": [ + "pkg:golang/element.io/conversion-webhook@(devel)?package-id=88ab5d1c8c140d36", + "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=8a99b9e71ad7164b", + "pkg:golang/github.com/emicklei/go-restful@v3.9.0?package-id=728bf5326b69b861#v3", + "pkg:golang/github.com/go-logr/logr@v1.2.4?package-id=3846a049cb88b4c6", + "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=978f4b1a7be33f9d", + "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=1ce363815d685dc3", + "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=406c3205666ea61c", + "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=051e75e03536e924", + "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=b08d098205905880", + "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=19d6585db2026a9d", + "pkg:golang/github.com/google/go-cmp@v0.5.9?package-id=4ce487588bbcebb5", + "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=c27efff79b965ce6", + "pkg:golang/github.com/google/uuid@v1.3.0?package-id=7ae2d23439c514b7", + "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=d6f22c66ce5ed74b", + "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=8a2bdfcf3b0728f5", + "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=06de5d2b4a776f06", + "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=165e3582195900f6", + "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=8a10d7e202c2e37d", + "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=a0193002c990cc91", + "pkg:golang/github.com/spf13/cobra@v1.7.0?package-id=fba62855b80a7997", + "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=044210eb72037bbb", + "pkg:golang/golang.org/x/net@v0.17.0?package-id=172682ed9da5cfc1", + "pkg:golang/golang.org/x/oauth2@v0.8.0?package-id=d1c814a81c4bff8b", + "pkg:golang/golang.org/x/sys@v0.13.0?package-id=1da4ac5e06a1c483", + "pkg:golang/golang.org/x/term@v0.13.0?package-id=145051a3a0242595", + "pkg:golang/golang.org/x/text@v0.13.0?package-id=815966c4ee4e7e8e", + "pkg:golang/golang.org/x/time@v0.3.0?package-id=971a45cce76af353", + "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=e2a287f9c8247926", + "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=59b64cb71bacc2f3", + "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=b6896eb38c75f887", + "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=a0927f901869b9fb", + "pkg:golang/k8s.io/api@v0.28.3?package-id=473d7e7e78448944", + "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.3?package-id=ca51d2ac0dfbda3e", + "pkg:golang/k8s.io/apimachinery@v0.28.3?package-id=82c68d4f4f2f27e8", + "pkg:golang/k8s.io/client-go@v0.28.3?package-id=a31c6de51e0e5673", + "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=c755157f1b97c18c", + "pkg:golang/k8s.io/klog@v1.0.0?package-id=1c404a6e7b0e5fb4", + "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=d7e794af7fdea772", + "pkg:golang/k8s.io/utils@v0.0.0-20230406110748-d93618cff8a2?package-id=537c88bfbe32e49f", + "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=ae75d75944b68e1b", + "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=8afad73138d314df", + "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=f84e254ba2f9fcdb", + "pkg:golang/stdlib@1.21.12?package-id=93110a46168a372e" + ] + } + ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:9ef6ca41-d93e-45b8-bde1-40a1d3d6b577", + "bom-ref": "urn:uuid:aa8e9947-ef00-4bcc-8a24-8ca5bef2c5b7", "id": "GHSA-4v7x-pqxf-cx7m", "source": { "name": "github-language-go", @@ -2729,12 +2779,12 @@ ], "affects": [ { - "ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=184f41c87b5f4140" + "ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=172682ed9da5cfc1" } ] }, { - "bom-ref": "urn:uuid:5a53fa34-1bae-40e4-a9d8-a863c940d6bf", + "bom-ref": "urn:uuid:8ea342d0-6edf-4df7-9a83-004570df98af", "id": "GHSA-8r3f-844c-mc37", "source": { "name": "github-language-go", @@ -2762,7 +2812,7 @@ ], "affects": [ { - "ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=af5d4ca034475bc2" + "ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=e2a287f9c8247926" } ] } diff --git a/sboms/docker.io_vectorim_ess-core-operator:2.18.6.json b/sboms/docker.io_vectorim_ess-core-operator:2.19.0.json similarity index 90% rename from sboms/docker.io_vectorim_ess-core-operator:2.18.6.json rename to sboms/docker.io_vectorim_ess-core-operator:2.19.0.json index 7f308f2..c7c0f58 100644 --- a/sboms/docker.io_vectorim_ess-core-operator:2.18.6.json +++ b/sboms/docker.io_vectorim_ess-core-operator:2.19.0.json @@ -1,26 +1,26 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:cec4f8e2-06c4-4c3d-ac69-87e46e787a3a", + "specVersion": "1.6", + "serialNumber": "urn:uuid:8c479b06-927c-4b38-9bf3-bbf9cc3b4d45", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:59:36Z", + "timestamp": "2024-07-05T12:07:42Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "268a75cb8eba1eb8", + "bom-ref": "255d349b1708b765", "type": "container", - "name": "docker.io/vectorim/ess-core-operator:2.18.6@sha256:a0ba6921a0a4c795aa8deb501f870187c552e1ce87f145f319a56616f7c07ba3", - "version": "sha256:a0ba6921a0a4c795aa8deb501f870187c552e1ce87f145f319a56616f7c07ba3" + "name": "docker.io/vectorim/ess-core-operator:2.19.0@sha256:6e9418d1a0be916899279a380763eb37b2f9dbba798217cd804aee1a2fc1a10e", + "version": "sha256:6e9418d1a0be916899279a380763eb37b2f9dbba798217cd804aee1a2fc1a10e" }, "properties": [ { @@ -107,7 +107,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -115,7 +115,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -123,7 +123,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -208,7 +208,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -216,7 +216,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -224,7 +224,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -382,7 +382,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -390,7 +390,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -398,7 +398,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -432,7 +432,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -466,7 +466,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -500,7 +500,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -534,7 +534,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -568,7 +568,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -602,7 +602,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -864,7 +864,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -872,7 +872,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -880,7 +880,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1142,7 +1142,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1150,7 +1150,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1158,7 +1158,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1436,7 +1436,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1444,7 +1444,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1452,7 +1452,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1461,11 +1461,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=854ccee33785ad46", + "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=61199aa239b084c0", "type": "library", "publisher": "Santiago Vila ", "name": "base-files", - "version": "12.4+deb12u5", + "version": "12.4+deb12u6", "licenses": [ { "license": { @@ -1473,8 +1473,8 @@ } } ], - "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12", + "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -1490,27 +1490,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:0:path", @@ -1518,7 +1518,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:1:path", @@ -1526,7 +1526,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:2:path", @@ -1664,7 +1664,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1672,7 +1672,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1680,7 +1680,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1838,7 +1838,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1846,7 +1846,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1854,7 +1854,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1896,7 +1896,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1904,7 +1904,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1912,7 +1912,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2058,7 +2058,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2066,7 +2066,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2074,7 +2074,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2304,7 +2304,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2312,7 +2312,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2320,7 +2320,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2364,7 +2364,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2372,7 +2372,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2380,7 +2380,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2538,7 +2538,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2546,7 +2546,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2554,7 +2554,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2588,7 +2588,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2638,7 +2638,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2688,7 +2688,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2738,7 +2738,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2788,7 +2788,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2838,7 +2838,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2888,7 +2888,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2913,7 +2913,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=9f46f32c09dac19d#runtime/Go/antlr/v4", + "bom-ref": "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=9820ee9f552e7470#runtime/Go/antlr/v4", "type": "library", "name": "github.com/antlr/antlr4/runtime/Go/antlr/v4", "version": "v4.0.0-20230305170008-8188dc5388df", @@ -2938,7 +2938,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -2950,7 +2950,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2992,7 +2992,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3042,7 +3042,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3067,7 +3067,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=88e1cd04c607cb87", + "bom-ref": "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=d852910acaf00c85", "type": "library", "name": "github.com/beorn7/perks", "version": "v1.0.1", @@ -3092,7 +3092,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3104,7 +3104,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3121,7 +3121,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/blang/semver@v4.0.0?package-id=1cadb9cb6c80c53d#v4", + "bom-ref": "pkg:golang/github.com/blang/semver@v4.0.0?package-id=f24029dabee86752#v4", "type": "library", "name": "github.com/blang/semver/v4", "version": "v4.0.0", @@ -3146,7 +3146,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3158,7 +3158,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3200,7 +3200,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3225,7 +3225,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=45ff925547467394#v2", + "bom-ref": "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=5b1ea50cec38dae0#v2", "type": "library", "name": "github.com/cespare/xxhash/v2", "version": "v2.2.0", @@ -3250,7 +3250,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3262,7 +3262,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3308,7 +3308,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3358,7 +3358,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3408,7 +3408,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3462,7 +3462,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3516,7 +3516,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3570,7 +3570,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3595,7 +3595,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796af33cc?package-id=6a41ad830a35fa3a", + "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796af33cc?package-id=021e8a8075bc6c38", "type": "library", "name": "github.com/davecgh/go-spew", "version": "v1.1.2-0.20180830191138-d8f796af33cc", @@ -3624,7 +3624,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3636,7 +3636,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3678,7 +3678,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3728,7 +3728,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3778,7 +3778,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3832,7 +3832,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3886,7 +3886,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3940,7 +3940,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3994,7 +3994,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4048,7 +4048,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4073,7 +4073,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=3794a0163dd334af#v3", + "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=1f69a39e1f7265fd#v3", "type": "library", "name": "github.com/emicklei/go-restful/v3", "version": "v3.11.0", @@ -4102,7 +4102,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4114,7 +4114,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4160,7 +4160,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4185,7 +4185,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/evanphx/json-patch@v5.6.0?package-id=abee44916e74a7d5#v5", + "bom-ref": "pkg:golang/github.com/evanphx/json-patch@v5.6.0?package-id=62d8e6aa96ad4427#v5", "type": "library", "name": "github.com/evanphx/json-patch/v5", "version": "v5.6.0", @@ -4214,7 +4214,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4226,7 +4226,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4276,7 +4276,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4326,7 +4326,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4376,7 +4376,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4401,7 +4401,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=2a68babff60244a4", + "bom-ref": "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=cea6ffc8e85be392", "type": "library", "name": "github.com/fsnotify/fsnotify", "version": "v1.7.0", @@ -4426,7 +4426,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4438,7 +4438,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4480,7 +4480,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4538,7 +4538,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4596,7 +4596,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4654,7 +4654,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4679,7 +4679,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=cd8352a43a5b0d62", + "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=f48abfd7204df8a0", "type": "library", "name": "github.com/go-logr/logr", "version": "v1.4.1", @@ -4712,7 +4712,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4724,7 +4724,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4774,7 +4774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4799,7 +4799,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-logr/zapr@v1.2.4?package-id=b0d585a422cc394d", + "bom-ref": "pkg:golang/github.com/go-logr/zapr@v1.2.4?package-id=2b0962fa828d7a0f", "type": "library", "name": "github.com/go-logr/zapr", "version": "v1.2.4", @@ -4832,7 +4832,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4844,7 +4844,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4894,7 +4894,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4919,7 +4919,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=609c3bd7df94070f", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=33da78f8f29a8961", "type": "library", "name": "github.com/go-openapi/jsonpointer", "version": "v0.19.6", @@ -4952,7 +4952,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4964,7 +4964,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5014,7 +5014,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5039,7 +5039,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=ac8c4bd47963e498", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=0d38ab1030661897", "type": "library", "name": "github.com/go-openapi/jsonreference", "version": "v0.20.2", @@ -5072,7 +5072,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5084,7 +5084,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5134,7 +5134,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5159,7 +5159,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.4?package-id=e99a54aac51f69ab", + "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.4?package-id=7ed9f6623fd0ad4d", "type": "library", "name": "github.com/go-openapi/swag", "version": "v0.22.4", @@ -5192,7 +5192,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5204,7 +5204,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5246,7 +5246,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5296,7 +5296,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5346,7 +5346,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5371,7 +5371,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=4d383d18f89ff03d", + "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=6e5100a377c7acf1", "type": "library", "name": "github.com/gogo/protobuf", "version": "v1.3.2", @@ -5396,7 +5396,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5408,7 +5408,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5425,7 +5425,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=5d2ede722d397959", + "bom-ref": "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=a2ccf27610248563", "type": "library", "name": "github.com/golang/groupcache", "version": "v0.0.0-20210331224755-41bb18bfe9da", @@ -5450,7 +5450,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5462,7 +5462,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5504,7 +5504,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5529,7 +5529,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=cf05051e23606d8c", + "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=69ecfc4acedc76c6", "type": "library", "name": "github.com/golang/protobuf", "version": "v1.5.3", @@ -5554,7 +5554,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5566,7 +5566,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5608,7 +5608,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5633,7 +5633,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/cel-go@v0.16.1?package-id=2fa03cb3308fddb4", + "bom-ref": "pkg:golang/github.com/google/cel-go@v0.16.1?package-id=d1561e8979c1051e", "type": "library", "name": "github.com/google/cel-go", "version": "v0.16.1", @@ -5662,7 +5662,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5674,7 +5674,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5720,7 +5720,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5745,7 +5745,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=8e03fe005fc61bd3", + "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=fd78e9f4096341d9", "type": "library", "name": "github.com/google/gnostic-models", "version": "v0.6.8", @@ -5774,7 +5774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5786,7 +5786,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5832,7 +5832,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5857,7 +5857,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=0d249bd9f93ba664", + "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=f41eb38263614dbc", "type": "library", "name": "github.com/google/go-cmp", "version": "v0.6.0", @@ -5886,7 +5886,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5898,7 +5898,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5940,7 +5940,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5965,7 +5965,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=70fac8da5c69ad39", + "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=49363cdd0348c6e0", "type": "library", "name": "github.com/google/gofuzz", "version": "v1.2.0", @@ -5990,7 +5990,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6002,7 +6002,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6044,7 +6044,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6094,7 +6094,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6119,7 +6119,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/uuid@v1.4.0?package-id=2499158a9f49812e", + "bom-ref": "pkg:golang/github.com/google/uuid@v1.4.0?package-id=c02c6724944e0ec7", "type": "library", "name": "github.com/google/uuid", "version": "v1.4.0", @@ -6144,7 +6144,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6156,7 +6156,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6198,7 +6198,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6248,7 +6248,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6298,7 +6298,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6348,7 +6348,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6373,7 +6373,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/h2non/filetype@v1.1.3?package-id=34f952814fb1bb66", + "bom-ref": "pkg:golang/github.com/h2non/filetype@v1.1.3?package-id=bff0f0cdb7dcc96f", "type": "library", "name": "github.com/h2non/filetype", "version": "v1.1.3", @@ -6398,7 +6398,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6410,7 +6410,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6427,7 +6427,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/h2non/go-is-svg@v0.0.0-20160927212452-35e8c4b0612c?package-id=fd6207733b603c83", + "bom-ref": "pkg:golang/github.com/h2non/go-is-svg@v0.0.0-20160927212452-35e8c4b0612c?package-id=6b7e5b845a335321", "type": "library", "name": "github.com/h2non/go-is-svg", "version": "v0.0.0-20160927212452-35e8c4b0612c", @@ -6456,7 +6456,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6468,7 +6468,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6510,7 +6510,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6564,7 +6564,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6614,7 +6614,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6664,7 +6664,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6689,7 +6689,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=36a26c58adda0c46", + "bom-ref": "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=fd46d21e02aa299f", "type": "library", "name": "github.com/imdario/mergo", "version": "v0.3.13", @@ -6714,7 +6714,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6726,7 +6726,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6768,7 +6768,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6818,7 +6818,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6843,7 +6843,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=c8864bebeffa7686", + "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=ab64358b85d5d979", "type": "library", "name": "github.com/josharian/intern", "version": "v1.0.0", @@ -6868,7 +6868,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6880,7 +6880,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6930,7 +6930,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6955,7 +6955,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=1152de83e54a07c1", + "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=0fbd359f9f67ea75", "type": "library", "name": "github.com/json-iterator/go", "version": "v1.1.12", @@ -6988,7 +6988,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -7000,7 +7000,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -7042,7 +7042,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7092,7 +7092,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7142,7 +7142,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7192,7 +7192,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7242,7 +7242,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7292,7 +7292,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7317,7 +7317,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=e0ef44845f26878d", + "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=af01d2cc31aa87ab", "type": "library", "name": "github.com/mailru/easyjson", "version": "v0.7.7", @@ -7342,7 +7342,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -7354,7 +7354,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -7400,7 +7400,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7454,7 +7454,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7508,7 +7508,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7562,7 +7562,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7587,7 +7587,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v2.0.0?package-id=e8ed749c42f00308#v2", + "bom-ref": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v2.0.0?package-id=a120ac1532d06579#v2", "type": "library", "name": "github.com/matttproud/golang_protobuf_extensions/v2", "version": "v2.0.0", @@ -7616,7 +7616,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -7628,7 +7628,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -7670,7 +7670,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7724,7 +7724,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7774,7 +7774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7824,7 +7824,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7874,7 +7874,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7924,7 +7924,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7982,7 +7982,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8007,7 +8007,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=290a79e0ff39ee59", + "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=a8201f41f544f12b", "type": "library", "name": "github.com/modern-go/concurrent", "version": "v0.0.0-20180306012644-bacd9c7ef1dd", @@ -8040,7 +8040,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8052,7 +8052,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8102,7 +8102,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8127,7 +8127,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=56cc6806d67daefc", + "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=7cb400a10d36ed3b", "type": "library", "name": "github.com/modern-go/reflect2", "version": "v1.0.2", @@ -8160,7 +8160,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8172,7 +8172,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8218,7 +8218,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8268,7 +8268,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8318,7 +8318,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8343,7 +8343,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=b616da3658982b63", + "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=e54f0218a2c060fd", "type": "library", "name": "github.com/munnerz/goautoneg", "version": "v0.0.0-20191010083416-a7dc8b61c822", @@ -8368,7 +8368,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8380,7 +8380,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8426,7 +8426,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8451,7 +8451,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=9038d32a1cbe0120", + "bom-ref": "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=947882ae32065f95", "type": "library", "name": "github.com/mxk/go-flowrate", "version": "v0.0.0-20140419014527-cca7078d478f", @@ -8480,7 +8480,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8492,7 +8492,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8509,7 +8509,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/onsi/gomega@v1.30.0?package-id=c7dd5e8d7794a071", + "bom-ref": "pkg:golang/github.com/onsi/gomega@v1.30.0?package-id=d9fe55d01e8eef44", "type": "library", "name": "github.com/onsi/gomega", "version": "v1.30.0", @@ -8534,7 +8534,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8546,7 +8546,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8592,7 +8592,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8646,7 +8646,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8671,12 +8671,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v36e6098?package-id=d6447a447fc6ab12", + "bom-ref": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v1.28.0?package-id=e01035932f70db61", "type": "library", "name": "github.com/operator-framework/ansible-operator-plugins", - "version": "v36e6098", - "cpe": "cpe:2.3:a:operator-framework:ansible-operator-plugins:v36e6098:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v36e6098", + "version": "v1.28.0", + "cpe": "cpe:2.3:a:operator-framework:ansible-operator-plugins:v1.28.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v1.28.0", "properties": [ { "name": "syft:package:foundBy", @@ -8696,27 +8696,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator-framework:ansible_operator_plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator-framework:ansible_operator_plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator_framework:ansible-operator-plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator_framework:ansible-operator-plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator_framework:ansible_operator_plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator_framework:ansible_operator_plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator:ansible-operator-plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator:ansible-operator-plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator:ansible_operator_plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator:ansible_operator_plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8728,7 +8728,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8741,7 +8741,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/api@v0.21.0?package-id=e0fa1aad5ebb5a14", + "bom-ref": "pkg:golang/github.com/operator-framework/api@v0.21.0?package-id=db3fc61dfc3a2bb8", "type": "library", "name": "github.com/operator-framework/api", "version": "v0.21.0", @@ -8774,7 +8774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8786,7 +8786,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8803,7 +8803,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/operator-lib@v0.12.0?package-id=619923b86f0dfc81", + "bom-ref": "pkg:golang/github.com/operator-framework/operator-lib@v0.12.0?package-id=f6200769c3f4abe9", "type": "library", "name": "github.com/operator-framework/operator-lib", "version": "v0.12.0", @@ -8848,7 +8848,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8860,7 +8860,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8877,7 +8877,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/operator-registry@v1.35.0?package-id=40f35949cdde0b8b", + "bom-ref": "pkg:golang/github.com/operator-framework/operator-registry@v1.35.0?package-id=5c53e1a0fe2b646b", "type": "library", "name": "github.com/operator-framework/operator-registry", "version": "v1.35.0", @@ -8922,7 +8922,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8934,7 +8934,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8976,7 +8976,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9026,7 +9026,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9051,7 +9051,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=dff20a7a96e331d2", + "bom-ref": "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=2ebcefc04ca5e94c", "type": "library", "name": "github.com/pkg/errors", "version": "v0.9.1", @@ -9076,7 +9076,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9088,7 +9088,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9134,7 +9134,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9159,7 +9159,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/client_golang@v1.18.0?package-id=f5fdad80f78ffcf5", + "bom-ref": "pkg:golang/github.com/prometheus/client_golang@v1.18.0?package-id=f692fbad4e3943be", "type": "library", "name": "github.com/prometheus/client_golang", "version": "v1.18.0", @@ -9188,7 +9188,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9200,7 +9200,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9246,7 +9246,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9271,7 +9271,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/client_model@v0.5.0?package-id=bdae07e2d3757913", + "bom-ref": "pkg:golang/github.com/prometheus/client_model@v0.5.0?package-id=a698f6e90bbe0e0b", "type": "library", "name": "github.com/prometheus/client_model", "version": "v0.5.0", @@ -9300,7 +9300,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9312,7 +9312,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9354,7 +9354,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9379,7 +9379,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/common@v0.45.0?package-id=3ae5111954c7c00c", + "bom-ref": "pkg:golang/github.com/prometheus/common@v0.45.0?package-id=cf851583dc268cda", "type": "library", "name": "github.com/prometheus/common", "version": "v0.45.0", @@ -9404,7 +9404,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9416,7 +9416,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9458,7 +9458,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9483,7 +9483,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/procfs@v0.12.0?package-id=6ecf7bf790f656f6", + "bom-ref": "pkg:golang/github.com/prometheus/procfs@v0.12.0?package-id=188c22ff8b41f625", "type": "library", "name": "github.com/prometheus/procfs", "version": "v0.12.0", @@ -9508,7 +9508,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9520,7 +9520,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9566,7 +9566,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9616,7 +9616,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9666,7 +9666,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9716,7 +9716,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9741,7 +9741,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=848df6cac3cf573e", + "bom-ref": "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=4cef29b92f702e95", "type": "library", "name": "github.com/sirupsen/logrus", "version": "v1.9.3", @@ -9766,7 +9766,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9778,7 +9778,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9795,7 +9795,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/afero@v1.11.0?package-id=8687ba678a5fbd05", + "bom-ref": "pkg:golang/github.com/spf13/afero@v1.11.0?package-id=65b23bc581dbd244", "type": "library", "name": "github.com/spf13/afero", "version": "v1.11.0", @@ -9820,7 +9820,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9832,7 +9832,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9874,7 +9874,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9924,7 +9924,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9949,7 +9949,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=8a625d8842e50033", + "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=71d3029a2532f3ad", "type": "library", "name": "github.com/spf13/cobra", "version": "v1.8.0", @@ -9974,7 +9974,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9986,7 +9986,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10028,7 +10028,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10053,7 +10053,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=c294be09c9b723ed", + "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=d40b873071e286ca", "type": "library", "name": "github.com/spf13/pflag", "version": "v1.0.5", @@ -10078,7 +10078,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10090,7 +10090,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10107,7 +10107,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=8e254d661ef10cf4", + "bom-ref": "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=88dbe3f68bbd14a9", "type": "library", "name": "github.com/stoewer/go-strcase", "version": "v1.2.0", @@ -10136,7 +10136,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10148,7 +10148,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10190,7 +10190,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10240,7 +10240,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10290,7 +10290,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10340,7 +10340,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10390,7 +10390,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10439,7 +10439,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10489,7 +10489,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10539,7 +10539,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10588,7 +10588,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10613,7 +10613,7 @@ ] }, { - "bom-ref": "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=a112e969d72e2d43", + "bom-ref": "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=bd8ec1cd27c96ab9", "type": "library", "name": "go.uber.org/multierr", "version": "v1.11.0", @@ -10637,7 +10637,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10649,7 +10649,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10666,7 +10666,7 @@ ] }, { - "bom-ref": "pkg:golang/go.uber.org/zap@v1.25.0?package-id=129dc2fa6b889950", + "bom-ref": "pkg:golang/go.uber.org/zap@v1.25.0?package-id=36969786a32c9e4f", "type": "library", "name": "go.uber.org/zap", "version": "v1.25.0", @@ -10690,7 +10690,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10702,7 +10702,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10744,7 +10744,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10769,7 +10769,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/exp@v0.0.0-20230905200255-921286631fa9?package-id=428abd633185f93d", + "bom-ref": "pkg:golang/golang.org/x/exp@v0.0.0-20230905200255-921286631fa9?package-id=03dfa2214a487beb", "type": "library", "name": "golang.org/x/exp", "version": "v0.0.0-20230905200255-921286631fa9", @@ -10794,7 +10794,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10806,7 +10806,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10848,7 +10848,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10873,7 +10873,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=a2fce92e144fbc71", + "bom-ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=74d027b531e7de02", "type": "library", "name": "golang.org/x/net", "version": "v0.20.0", @@ -10898,7 +10898,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10910,7 +10910,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10952,7 +10952,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10977,7 +10977,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.15.0?package-id=df31ed0bc624bd1a", + "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.15.0?package-id=82a4ff55d678377c", "type": "library", "name": "golang.org/x/oauth2", "version": "v0.15.0", @@ -11002,7 +11002,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11014,7 +11014,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11056,7 +11056,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11106,7 +11106,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11131,7 +11131,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.16.0?package-id=abf110d482c08ab1", + "bom-ref": "pkg:golang/golang.org/x/sys@v0.16.0?package-id=0fe0bb7bacfe9242", "type": "library", "name": "golang.org/x/sys", "version": "v0.16.0", @@ -11156,7 +11156,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11168,7 +11168,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11210,7 +11210,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11235,7 +11235,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/term@v0.16.0?package-id=06a8a9352b118d7d", + "bom-ref": "pkg:golang/golang.org/x/term@v0.16.0?package-id=e496c1429eed599b", "type": "library", "name": "golang.org/x/term", "version": "v0.16.0", @@ -11260,7 +11260,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11272,7 +11272,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11314,7 +11314,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11339,7 +11339,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/text@v0.14.0?package-id=dd17ef7c453ce0ae", + "bom-ref": "pkg:golang/golang.org/x/text@v0.14.0?package-id=53bda3d094859e5c", "type": "library", "name": "golang.org/x/text", "version": "v0.14.0", @@ -11364,7 +11364,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11376,7 +11376,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11418,7 +11418,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11443,7 +11443,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/time@v0.5.0?package-id=229009ed90fbe567", + "bom-ref": "pkg:golang/golang.org/x/time@v0.5.0?package-id=ba99272182c980c0", "type": "library", "name": "golang.org/x/time", "version": "v0.5.0", @@ -11468,7 +11468,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11480,7 +11480,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11497,7 +11497,7 @@ ] }, { - "bom-ref": "pkg:golang/gomodules.xyz/jsonpatch/v2@v2.4.0?package-id=fff958001fd8a251", + "bom-ref": "pkg:golang/gomodules.xyz/jsonpatch/v2@v2.4.0?package-id=34d2ebc84180de24", "type": "library", "name": "gomodules.xyz/jsonpatch/v2", "version": "v2.4.0", @@ -11522,7 +11522,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11534,7 +11534,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11820,7 +11820,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -11828,7 +11828,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -11836,7 +11836,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -11845,7 +11845,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231120223509-83a465c0220f?package-id=a335ace129e34d48#api", + "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231120223509-83a465c0220f?package-id=f009b2455f0173b2#api", "type": "library", "name": "google.golang.org/genproto/googleapis/api", "version": "v0.0.0-20231120223509-83a465c0220f", @@ -11870,7 +11870,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11882,7 +11882,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11924,7 +11924,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11949,7 +11949,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231212172506-995d672761c0?package-id=0eae36fe841ffe94#rpc", + "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231212172506-995d672761c0?package-id=913c49b8106e7d52#rpc", "type": "library", "name": "google.golang.org/genproto/googleapis/rpc", "version": "v0.0.0-20231212172506-995d672761c0", @@ -11974,7 +11974,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11986,7 +11986,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12028,7 +12028,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12053,7 +12053,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/grpc@v1.60.1?package-id=0c532ea732d0033e", + "bom-ref": "pkg:golang/google.golang.org/grpc@v1.60.1?package-id=636101af290a4894", "type": "library", "name": "google.golang.org/grpc", "version": "v1.60.1", @@ -12078,7 +12078,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12090,7 +12090,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12132,7 +12132,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12157,7 +12157,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=2d01130f548ca187", + "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=cf0a618c2651fffc", "type": "library", "name": "google.golang.org/protobuf", "version": "v1.31.0", @@ -12182,7 +12182,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12194,7 +12194,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12235,7 +12235,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12260,7 +12260,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=0c06c4f84aa87b85", + "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=d9c92d6fad067487", "type": "library", "name": "gopkg.in/inf.v0", "version": "v0.9.1", @@ -12284,7 +12284,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12296,7 +12296,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12337,7 +12337,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12362,7 +12362,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=d41e9d6a877e2cd5", + "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=a3142707399850ad", "type": "library", "name": "gopkg.in/yaml.v2", "version": "v2.4.0", @@ -12386,7 +12386,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12398,7 +12398,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12440,7 +12440,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12465,7 +12465,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=b66410266ae5e6c4", + "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=1de0a56d885271d5", "type": "library", "name": "gopkg.in/yaml.v3", "version": "v3.0.1", @@ -12490,7 +12490,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12502,7 +12502,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12519,7 +12519,7 @@ ] }, { - "bom-ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=eaaf7e7c6c586545", + "bom-ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=a06b39d8afcd16cd", "type": "application", "name": "helm", "version": "3.14.0", @@ -12548,7 +12548,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12582,7 +12582,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12721,7 +12721,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -12729,7 +12729,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -12887,7 +12887,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -12895,7 +12895,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -12903,7 +12903,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -12912,7 +12912,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/api@v0.28.5?package-id=40964a786adca107", + "bom-ref": "pkg:golang/k8s.io/api@v0.28.5?package-id=87dd2328d052f922", "type": "library", "name": "k8s.io/api", "version": "v0.28.5", @@ -12936,7 +12936,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12948,7 +12948,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12989,7 +12989,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13014,7 +13014,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.5?package-id=ba7a6de1eba3fa07", + "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.5?package-id=b4be89cc25d97ba9", "type": "library", "name": "k8s.io/apiextensions-apiserver", "version": "v0.28.5", @@ -13038,7 +13038,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13050,7 +13050,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13091,7 +13091,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13116,7 +13116,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.5?package-id=476103c47754030d", + "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.5?package-id=bd6cfc7881749818", "type": "library", "name": "k8s.io/apimachinery", "version": "v0.28.5", @@ -13140,7 +13140,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13152,7 +13152,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13193,7 +13193,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13242,7 +13242,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13291,7 +13291,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13316,7 +13316,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.5?package-id=d39be5e7128b9071", + "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.5?package-id=dfa4d6f7438c613f", "type": "library", "name": "k8s.io/client-go", "version": "v0.28.5", @@ -13340,7 +13340,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13352,7 +13352,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13393,7 +13393,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13418,7 +13418,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/component-base@v0.28.5?package-id=32e9bd9673d3c1cf", + "bom-ref": "pkg:golang/k8s.io/component-base@v0.28.5?package-id=8a613a6b291f1f67", "type": "library", "name": "k8s.io/component-base", "version": "v0.28.5", @@ -13442,7 +13442,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13454,7 +13454,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13495,7 +13495,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13520,7 +13520,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=e97df069e7548380", + "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=0a6ce9aa23b27782", "type": "library", "name": "k8s.io/klog/v2", "version": "v2.100.1", @@ -13545,7 +13545,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13557,7 +13557,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13599,7 +13599,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13624,7 +13624,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=5c49464188691119", + "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=c94717a5d006a06a", "type": "library", "name": "k8s.io/kube-openapi", "version": "v0.0.0-20230717233707-2695361300d9", @@ -13648,7 +13648,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13660,7 +13660,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13701,7 +13701,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13726,7 +13726,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/kubectl@v0.28.5?package-id=910eb7eeb49047a7", + "bom-ref": "pkg:golang/k8s.io/kubectl@v0.28.5?package-id=fa02371897088365", "type": "library", "name": "k8s.io/kubectl", "version": "v0.28.5", @@ -13750,7 +13750,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13762,7 +13762,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13803,7 +13803,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13852,7 +13852,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13877,7 +13877,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20240102154912-e7106e64919e?package-id=05ef0c0892b8d52a", + "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20240102154912-e7106e64919e?package-id=01b2944de401e4a9", "type": "library", "name": "k8s.io/utils", "version": "v0.0.0-20240102154912-e7106e64919e", @@ -13901,7 +13901,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13913,7 +13913,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -14007,7 +14007,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -14015,7 +14015,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -14023,7 +14023,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -15454,11 +15454,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "bom-ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "type": "library", "publisher": "Matthias Klose ", "name": "libpython3.11-minimal", - "version": "3.11.2-6", + "version": "3.11.2-6+deb12u2", "licenses": [ { "license": { @@ -15486,8 +15486,8 @@ } } ], - "cpe": "cpe:2.3:a:libpython3.11-minimal:libpython3.11-minimal:3.11.2-6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12", + "cpe": "cpe:2.3:a:libpython3.11-minimal:libpython3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -15503,27 +15503,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11-minimal:libpython3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11-minimal:libpython3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:0:path", @@ -15531,7 +15531,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:1:path", @@ -15539,7 +15539,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:2:path", @@ -15547,7 +15547,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "5198" + "value": "5202" }, { "name": "syft:metadata:source", @@ -15556,11 +15556,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0", + "bom-ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd", "type": "library", "publisher": "Matthias Klose ", "name": "libpython3.11-stdlib", - "version": "3.11.2-6", + "version": "3.11.2-6+deb12u2", "licenses": [ { "license": { @@ -15588,8 +15588,8 @@ } } ], - "cpe": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11-stdlib:3.11.2-6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12", + "cpe": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11-stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -15605,27 +15605,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11_stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11_stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11-stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11-stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11_stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11_stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11-stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11-stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11_stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11_stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:0:path", @@ -15633,7 +15633,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:01828f5cdcac8d69f6b1fbee9ead8b423ecc5fe647e02e495b256658b87aba06" + "value": "sha256:3a7a04eddce82cd9a76b3133506ac22048df4ebcd1af2c1a2cc12019bdcac5f3" }, { "name": "syft:location:1:path", @@ -15641,7 +15641,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:01828f5cdcac8d69f6b1fbee9ead8b423ecc5fe647e02e495b256658b87aba06" + "value": "sha256:3a7a04eddce82cd9a76b3133506ac22048df4ebcd1af2c1a2cc12019bdcac5f3" }, { "name": "syft:location:2:path", @@ -15842,11 +15842,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e", + "bom-ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19", "type": "library", "publisher": "Debian OpenSSL Team ", "name": "libssl3", - "version": "3.0.11-1~deb12u2", + "version": "3.0.13-1~deb12u1", "licenses": [ { "license": { @@ -15869,8 +15869,8 @@ } } ], - "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12", + "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -15886,7 +15886,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a75711e7567067aecf1add65ab3be44781082fb938793b73960233a4d435842d" + "value": "sha256:9c72aa2ec06c9f3c851381644e4ba739f6cc7bf201fdb8f064d8c3f64426e1dc" }, { "name": "syft:location:0:path", @@ -15894,7 +15894,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a75711e7567067aecf1add65ab3be44781082fb938793b73960233a4d435842d" + "value": "sha256:9c72aa2ec06c9f3c851381644e4ba739f6cc7bf201fdb8f064d8c3f64426e1dc" }, { "name": "syft:location:1:path", @@ -15902,7 +15902,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a75711e7567067aecf1add65ab3be44781082fb938793b73960233a4d435842d" + "value": "sha256:9c72aa2ec06c9f3c851381644e4ba739f6cc7bf201fdb8f064d8c3f64426e1dc" }, { "name": "syft:location:2:path", @@ -15910,7 +15910,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "6010" + "value": "6008" }, { "name": "syft:metadata:source", @@ -16408,7 +16408,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -16416,7 +16416,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -16424,7 +16424,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -16582,7 +16582,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -16590,7 +16590,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -16598,7 +16598,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -16814,7 +16814,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -16822,7 +16822,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -16830,7 +16830,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -16863,7 +16863,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -17006,7 +17006,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17014,7 +17014,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17172,7 +17172,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17180,7 +17180,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17188,7 +17188,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17346,7 +17346,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17354,7 +17354,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17362,7 +17362,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17508,7 +17508,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17516,7 +17516,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17524,7 +17524,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17786,7 +17786,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17794,7 +17794,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17802,7 +17802,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17960,7 +17960,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17968,7 +17968,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18126,7 +18126,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18134,7 +18134,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18142,7 +18142,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18404,7 +18404,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18412,7 +18412,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18420,7 +18420,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18578,7 +18578,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18586,7 +18586,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18594,7 +18594,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18603,7 +18603,7 @@ ] }, { - "bom-ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4", + "bom-ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9", "type": "application", "name": "python", "version": "3.11.9", @@ -18632,7 +18632,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:f9967588551a40dc35448d9ce5f767287357e3c099527a7939e81d3dcd1e9488" + "value": "sha256:911300468fe0ce49f852ba8739e9f88f9e76d673df169b32760e79d86e9eb2a8" }, { "name": "syft:location:0:path", @@ -18640,7 +18640,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18750,7 +18750,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18758,7 +18758,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18766,7 +18766,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18876,7 +18876,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18884,7 +18884,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18892,7 +18892,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18976,11 +18976,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77", + "bom-ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22", "type": "library", "publisher": "Matthias Klose ", "name": "python3.11-minimal", - "version": "3.11.2-6", + "version": "3.11.2-6+deb12u2", "licenses": [ { "license": { @@ -19008,8 +19008,8 @@ } } ], - "cpe": "cpe:2.3:a:python3.11-minimal:python3.11-minimal:3.11.2-6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12", + "cpe": "cpe:2.3:a:python3.11-minimal:python3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -19025,27 +19025,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11-minimal:python3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11-minimal:python3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11_minimal:python3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11_minimal:python3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11_minimal:python3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11_minimal:python3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11:python3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11:python3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11:python3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11:python3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d4578ab4587c9e7d34da67daa87d79c18baaf575c80b8fee1bea27e8f8b4363" + "value": "sha256:e6d19d186cb7a4231ba6b174b9d91bedd92961a45f04e2de8f482176a51ca67a" }, { "name": "syft:location:0:path", @@ -19053,7 +19053,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:8d4578ab4587c9e7d34da67daa87d79c18baaf575c80b8fee1bea27e8f8b4363" + "value": "sha256:e6d19d186cb7a4231ba6b174b9d91bedd92961a45f04e2de8f482176a51ca67a" }, { "name": "syft:location:1:path", @@ -19061,7 +19061,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:8d4578ab4587c9e7d34da67daa87d79c18baaf575c80b8fee1bea27e8f8b4363" + "value": "sha256:e6d19d186cb7a4231ba6b174b9d91bedd92961a45f04e2de8f482176a51ca67a" }, { "name": "syft:location:2:path", @@ -19069,7 +19069,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "6761" + "value": "6770" }, { "name": "syft:metadata:source", @@ -19111,7 +19111,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19119,7 +19119,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19127,7 +19127,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19389,7 +19389,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19397,7 +19397,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19405,7 +19405,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19667,7 +19667,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19675,7 +19675,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19683,7 +19683,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19841,7 +19841,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19849,7 +19849,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19857,7 +19857,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19899,7 +19899,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19907,7 +19907,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19949,7 +19949,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19957,7 +19957,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19965,7 +19965,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19974,7 +19974,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/controller-runtime@v0.16.3?package-id=c86d1c4e92a61887", + "bom-ref": "pkg:golang/sigs.k8s.io/controller-runtime@v0.16.3?package-id=8d144317f46308db", "type": "library", "name": "sigs.k8s.io/controller-runtime", "version": "v0.16.3", @@ -19998,7 +19998,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20010,7 +20010,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20051,7 +20051,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20076,7 +20076,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=2b0330d6821d0405", + "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=b8631f613866a59f", "type": "library", "name": "sigs.k8s.io/json", "version": "v0.0.0-20221116044647-bc3834ca7abd", @@ -20100,7 +20100,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20112,7 +20112,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20154,7 +20154,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20204,7 +20204,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20229,7 +20229,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=756e75b465f3e6e8", + "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=522086b451fcdfd4", "type": "library", "name": "sigs.k8s.io/structured-merge-diff/v4", "version": "v4.2.3", @@ -20270,7 +20270,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20282,7 +20282,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20340,7 +20340,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20389,7 +20389,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20414,7 +20414,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.4.0?package-id=3d1e144e2dde499b", + "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.4.0?package-id=51661fa0a6f0757b", "type": "library", "name": "sigs.k8s.io/yaml", "version": "v1.4.0", @@ -20438,7 +20438,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20450,7 +20450,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20616,7 +20616,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -20624,7 +20624,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -20632,7 +20632,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -20669,7 +20669,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20682,10 +20682,10 @@ ] }, { - "bom-ref": "pkg:golang/stdlib@1.22.4?package-id=8b929afd8e3fcec9", + "bom-ref": "pkg:golang/stdlib@1.22.5?package-id=c2da1ec8a4f923ee", "type": "library", "name": "stdlib", - "version": "go1.22.4", + "version": "go1.22.5", "licenses": [ { "license": { @@ -20693,8 +20693,8 @@ } } ], - "cpe": "cpe:2.3:a:golang:go:1.22.4:-:*:*:*:*:*:*", - "purl": "pkg:golang/stdlib@1.22.4", + "cpe": "cpe:2.3:a:golang:go:1.22.5:-:*:*:*:*:*:*", + "purl": "pkg:golang/stdlib@1.22.5", "properties": [ { "name": "syft:package:language", @@ -20710,7 +20710,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20718,7 +20718,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" } ] }, @@ -20814,7 +20814,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -20822,7 +20822,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -20830,7 +20830,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -21108,7 +21108,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -21116,7 +21116,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -21124,7 +21124,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -21251,7 +21251,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -21259,7 +21259,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -21457,7 +21457,7 @@ "pkg:deb/debian/libk5crypto3@1.20.1-2%2Bdeb12u1?arch=amd64&upstream=krb5&distro=debian-12&package-id=1169ac8a3402720b", "pkg:deb/debian/libkeyutils1@1.6.3-2?arch=amd64&upstream=keyutils&distro=debian-12&package-id=e182c5a1d7f7d1ea", "pkg:deb/debian/libkrb5support0@1.20.1-2%2Bdeb12u1?arch=amd64&upstream=krb5&distro=debian-12&package-id=3d8e7e7b414fbb89", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" ] }, { @@ -21487,14 +21487,14 @@ ] }, { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" ] }, { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0", + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd", "dependsOn": [ "pkg:deb/debian/libbz2-1.0@1.0.8-5%2Bb1?arch=amd64&upstream=bzip2%401.0.8-5&distro=debian-12&package-id=636e31bcf3b8f8ea", "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5", @@ -21504,7 +21504,7 @@ "pkg:deb/debian/liblzma5@5.4.1-0.2?arch=amd64&upstream=xz-utils&distro=debian-12&package-id=e589b1402ec4de9c", "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616", "pkg:deb/debian/libnsl2@1.3.0-2?arch=amd64&upstream=libnsl&distro=debian-12&package-id=6febad3629e7b7fc", - "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "pkg:deb/debian/libreadline8@8.2-1.3?arch=amd64&upstream=readline&distro=debian-12&package-id=cf1e156bd7515d7e", "pkg:deb/debian/libsqlite3-0@3.40.1-2?arch=amd64&upstream=sqlite3&distro=debian-12&package-id=ba7901014862fb39", "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94", @@ -21526,7 +21526,7 @@ ] }, { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e", + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5" ] @@ -21558,11 +21558,11 @@ ] }, { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77", + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5", "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836", - "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=aad1c23de303b3c3" ] }, @@ -21573,11 +21573,233 @@ ] }, { - "ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4", + "ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5" ] }, + { + "ref": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v1.28.0?package-id=e01035932f70db61", + "dependsOn": [ + "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=9820ee9f552e7470#runtime/Go/antlr/v4", + "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=d852910acaf00c85", + "pkg:golang/github.com/blang/semver@v4.0.0?package-id=f24029dabee86752#v4", + "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=5b1ea50cec38dae0#v2", + "pkg:golang/github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796af33cc?package-id=021e8a8075bc6c38", + "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=1f69a39e1f7265fd#v3", + "pkg:golang/github.com/evanphx/json-patch@v5.6.0?package-id=62d8e6aa96ad4427#v5", + "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=cea6ffc8e85be392", + "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=f48abfd7204df8a0", + "pkg:golang/github.com/go-logr/zapr@v1.2.4?package-id=2b0962fa828d7a0f", + "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=33da78f8f29a8961", + "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=0d38ab1030661897", + "pkg:golang/github.com/go-openapi/swag@v0.22.4?package-id=7ed9f6623fd0ad4d", + "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=6e5100a377c7acf1", + "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=a2ccf27610248563", + "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=69ecfc4acedc76c6", + "pkg:golang/github.com/google/cel-go@v0.16.1?package-id=d1561e8979c1051e", + "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=fd78e9f4096341d9", + "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=f41eb38263614dbc", + "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=49363cdd0348c6e0", + "pkg:golang/github.com/google/uuid@v1.4.0?package-id=c02c6724944e0ec7", + "pkg:golang/github.com/h2non/filetype@v1.1.3?package-id=bff0f0cdb7dcc96f", + "pkg:golang/github.com/h2non/go-is-svg@v0.0.0-20160927212452-35e8c4b0612c?package-id=6b7e5b845a335321", + "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=fd46d21e02aa299f", + "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=ab64358b85d5d979", + "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=0fbd359f9f67ea75", + "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=af01d2cc31aa87ab", + "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v2.0.0?package-id=a120ac1532d06579#v2", + "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=a8201f41f544f12b", + "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=7cb400a10d36ed3b", + "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=e54f0218a2c060fd", + "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=947882ae32065f95", + "pkg:golang/github.com/onsi/gomega@v1.30.0?package-id=d9fe55d01e8eef44", + "pkg:golang/github.com/operator-framework/api@v0.21.0?package-id=db3fc61dfc3a2bb8", + "pkg:golang/github.com/operator-framework/operator-lib@v0.12.0?package-id=f6200769c3f4abe9", + "pkg:golang/github.com/operator-framework/operator-registry@v1.35.0?package-id=5c53e1a0fe2b646b", + "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=2ebcefc04ca5e94c", + "pkg:golang/github.com/prometheus/client_golang@v1.18.0?package-id=f692fbad4e3943be", + "pkg:golang/github.com/prometheus/client_model@v0.5.0?package-id=a698f6e90bbe0e0b", + "pkg:golang/github.com/prometheus/common@v0.45.0?package-id=cf851583dc268cda", + "pkg:golang/github.com/prometheus/procfs@v0.12.0?package-id=188c22ff8b41f625", + "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=4cef29b92f702e95", + "pkg:golang/github.com/spf13/afero@v1.11.0?package-id=65b23bc581dbd244", + "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=71d3029a2532f3ad", + "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=d40b873071e286ca", + "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=88dbe3f68bbd14a9", + "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=bd8ec1cd27c96ab9", + "pkg:golang/go.uber.org/zap@v1.25.0?package-id=36969786a32c9e4f", + "pkg:golang/golang.org/x/exp@v0.0.0-20230905200255-921286631fa9?package-id=03dfa2214a487beb", + "pkg:golang/golang.org/x/net@v0.20.0?package-id=74d027b531e7de02", + "pkg:golang/golang.org/x/oauth2@v0.15.0?package-id=82a4ff55d678377c", + "pkg:golang/golang.org/x/sys@v0.16.0?package-id=0fe0bb7bacfe9242", + "pkg:golang/golang.org/x/term@v0.16.0?package-id=e496c1429eed599b", + "pkg:golang/golang.org/x/text@v0.14.0?package-id=53bda3d094859e5c", + "pkg:golang/golang.org/x/time@v0.5.0?package-id=ba99272182c980c0", + "pkg:golang/gomodules.xyz/jsonpatch/v2@v2.4.0?package-id=34d2ebc84180de24", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231120223509-83a465c0220f?package-id=f009b2455f0173b2#api", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231212172506-995d672761c0?package-id=913c49b8106e7d52#rpc", + "pkg:golang/google.golang.org/grpc@v1.60.1?package-id=636101af290a4894", + "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=cf0a618c2651fffc", + "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=d9c92d6fad067487", + "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=a3142707399850ad", + "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=1de0a56d885271d5", + "pkg:golang/k8s.io/api@v0.28.5?package-id=87dd2328d052f922", + "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.5?package-id=b4be89cc25d97ba9", + "pkg:golang/k8s.io/apimachinery@v0.28.5?package-id=bd6cfc7881749818", + "pkg:golang/k8s.io/client-go@v0.28.5?package-id=dfa4d6f7438c613f", + "pkg:golang/k8s.io/component-base@v0.28.5?package-id=8a613a6b291f1f67", + "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=0a6ce9aa23b27782", + "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=c94717a5d006a06a", + "pkg:golang/k8s.io/kubectl@v0.28.5?package-id=fa02371897088365", + "pkg:golang/k8s.io/utils@v0.0.0-20240102154912-e7106e64919e?package-id=01b2944de401e4a9", + "pkg:golang/sigs.k8s.io/controller-runtime@v0.16.3?package-id=8d144317f46308db", + "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=b8631f613866a59f", + "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=522086b451fcdfd4", + "pkg:golang/sigs.k8s.io/yaml@v1.4.0?package-id=51661fa0a6f0757b", + "pkg:golang/stdlib@1.22.5?package-id=c2da1ec8a4f923ee" + ] + }, + { + "ref": "pkg:golang/helm.sh/helm/v3@v3.14.0?package-id=2dee359273df7082", + "dependsOn": [ + "pkg:golang/github.com/asaskevich/govalidator@v0.0.0-20200428143746-21a406dcc535?package-id=bbd05a6d12edc694", + "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=6a2450977ec9b2e1", + "pkg:golang/github.com/burntsushi/toml@v1.3.2?package-id=61a9543496dff4c5", + "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=62b404bb03e00cf7#v2", + "pkg:golang/github.com/chai2010/gettext-go@v1.0.2?package-id=578e636d9886898d", + "pkg:golang/github.com/containerd/containerd@v1.7.11?package-id=72a1f1d979518e0f", + "pkg:golang/github.com/containerd/log@v0.1.0?package-id=7dd2d478f96f7b2e", + "pkg:golang/github.com/cpuguy83/go-md2man@v2.0.3?package-id=31fe895b988d9d40#v2", + "pkg:golang/github.com/cyphar/filepath-securejoin@v0.2.4?package-id=db407c80695fb065", + "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=28b9714af62929d1", + "pkg:golang/github.com/docker/cli@v24.0.6%2Bincompatible?package-id=a964a9b12f86e531", + "pkg:golang/github.com/docker/distribution@v2.8.2%2Bincompatible?package-id=0f47dfcfdee6b57f", + "pkg:golang/github.com/docker/docker-credential-helpers@v0.7.0?package-id=4e2775699746d324", + "pkg:golang/github.com/docker/docker@v24.0.7%2Bincompatible?package-id=46652e548371f5c8", + "pkg:golang/github.com/docker/go-connections@v0.4.0?package-id=3a157a08315231cb", + "pkg:golang/github.com/docker/go-metrics@v0.0.1?package-id=9b168f6c6d51927e", + "pkg:golang/github.com/docker/go-units@v0.5.0?package-id=54846f6c358cf36e", + "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=498ee432ba285f95#v3", + "pkg:golang/github.com/evanphx/json-patch@v5.7.0%2Bincompatible?package-id=78745179531861bd", + "pkg:golang/github.com/exponent-io/jsonpath@v0.0.0-20151013193312-d6023ce2651d?package-id=2f90548739f0b3dd", + "pkg:golang/github.com/fatih/color@v1.13.0?package-id=3e1e425f599bb6a8", + "pkg:golang/github.com/felixge/httpsnoop@v1.0.3?package-id=e7e4f4c7ca2afd69", + "pkg:golang/github.com/fvbommel/sortorder@v1.1.0?package-id=47b15b2d4238a9da", + "pkg:golang/github.com/go-errors/errors@v1.4.2?package-id=8a2ea8106446a263", + "pkg:golang/github.com/go-gorp/gorp@v3.1.0?package-id=4ed80ff0154f9489#v3", + "pkg:golang/github.com/go-logr/logr@v1.3.0?package-id=a4096870991705d4", + "pkg:golang/github.com/go-logr/stdr@v1.2.2?package-id=f72b2ecab588b07a", + "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=c7863472162657e1", + "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=a24c0f985a3381ea", + "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=122da8577047d0f6", + "pkg:golang/github.com/gobwas/glob@v0.2.3?package-id=ed5018a71b9b6437", + "pkg:golang/github.com/gofrs/flock@v0.8.1?package-id=47c7c5ed3dac86bf", + "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=e52608854c041c0b", + "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=09a450dbbb09e3c9", + "pkg:golang/github.com/google/btree@v1.0.1?package-id=3ba70ceebc4f1b97", + "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=8eeb447a17302e64", + "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=edc7f7fa2a2ba2fc", + "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=1b31774a5822e2b7", + "pkg:golang/github.com/google/shlex@v0.0.0-20191202100458-e7afc7fbc510?package-id=364d231601a0133c", + "pkg:golang/github.com/google/uuid@v1.3.0?package-id=f5850c1d83a17984", + "pkg:golang/github.com/gorilla/mux@v1.8.0?package-id=ecd34b222c45f7e9", + "pkg:golang/github.com/gorilla/websocket@v1.5.0?package-id=c657d39533f4817c", + "pkg:golang/github.com/gosuri/uitable@v0.0.4?package-id=c0f539d32fc01aec", + "pkg:golang/github.com/gregjones/httpcache@v0.0.0-20180305231024-9cad4c3443a7?package-id=5734634e2e609119", + "pkg:golang/github.com/hashicorp/errwrap@v1.1.0?package-id=86e48c9321ced449", + "pkg:golang/github.com/hashicorp/go-multierror@v1.1.1?package-id=0281aa224ed6dd6c", + "pkg:golang/github.com/huandu/xstrings@v1.4.0?package-id=4459d011d7b4ec3e", + "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=cbc763fdb4ab2d59", + "pkg:golang/github.com/jmoiron/sqlx@v1.3.5?package-id=8d631eaa105ad2b3", + "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=4e3c09058b3ba98a", + "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=af202461e8725fb9", + "pkg:golang/github.com/klauspost/compress@v1.16.0?package-id=b9e50a2ace6ead26", + "pkg:golang/github.com/lann/builder@v0.0.0-20180802200727-47ae307949d0?package-id=2f86f66ed446e212", + "pkg:golang/github.com/lann/ps@v0.0.0-20150810152359-62de8c46ede0?package-id=7d0c94f7c8da4fa4", + "pkg:golang/github.com/lib/pq@v1.10.9?package-id=301871ba0c830890", + "pkg:golang/github.com/liggitt/tabwriter@v0.0.0-20181228230101-89fcab3d43de?package-id=3e2cda007b551013", + "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=bc3f960e82002ad6", + "pkg:golang/github.com/makenowjust/heredoc@v1.0.0?package-id=969ba4e115f1f480", + "pkg:golang/github.com/masterminds/goutils@v1.1.1?package-id=951f2276e38e3f9a", + "pkg:golang/github.com/masterminds/semver@v3.2.1?package-id=c058dbab54b23e01#v3", + "pkg:golang/github.com/masterminds/sprig@v3.2.3?package-id=65658f2fbd9446cd#v3", + "pkg:golang/github.com/masterminds/squirrel@v1.5.4?package-id=cd06da0c22522722", + "pkg:golang/github.com/masterminds/vcs@v1.13.3?package-id=7ca38f164806cbb7", + "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=89e7111773a55a78", + "pkg:golang/github.com/mattn/go-isatty@v0.0.17?package-id=f862e59bdcf53db4", + "pkg:golang/github.com/mattn/go-runewidth@v0.0.9?package-id=6491732313d32fd1", + "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.4?package-id=5a56419d7631c164", + "pkg:golang/github.com/mitchellh/copystructure@v1.2.0?package-id=ada584f1dd727f79", + "pkg:golang/github.com/mitchellh/go-wordwrap@v1.0.1?package-id=f7955a24bc67e4db", + "pkg:golang/github.com/mitchellh/reflectwalk@v1.0.2?package-id=c168586d30eeb3ce", + "pkg:golang/github.com/moby/locker@v1.0.1?package-id=2c4229dc7d286cf4", + "pkg:golang/github.com/moby/spdystream@v0.2.0?package-id=f1f2bd7a6481341c", + "pkg:golang/github.com/moby/term@v0.5.0?package-id=f1b12d70ce358ac7", + "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=35b65435224f8a93", + "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=678e6aefdb90205b", + "pkg:golang/github.com/monochromegane/go-gitignore@v0.0.0-20200626010858-205db1a8cc00?package-id=d856ee9429394d09", + "pkg:golang/github.com/morikuni/aec@v1.0.0?package-id=0529bab9840a33d4", + "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=aad1e1a3315a3851", + "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=eaf403ad9442826d", + "pkg:golang/github.com/opencontainers/go-digest@v1.0.0?package-id=cc63a663919e1565", + "pkg:golang/github.com/opencontainers/image-spec@v1.1.0-rc5?package-id=e06e4e730e6468ba", + "pkg:golang/github.com/peterbourgon/diskv@v2.0.1%2Bincompatible?package-id=fc6d62d81a82a140", + "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=4c699985a6fee925", + "pkg:golang/github.com/prometheus/client_golang@v1.16.0?package-id=b4f59cc79151917c", + "pkg:golang/github.com/prometheus/client_model@v0.4.0?package-id=05b91fcf51eb7b85", + "pkg:golang/github.com/prometheus/common@v0.44.0?package-id=75ece74c99c2ae8d", + "pkg:golang/github.com/prometheus/procfs@v0.10.1?package-id=f8d3be7f5bef4928", + "pkg:golang/github.com/rubenv/sql-migrate@v1.5.2?package-id=ad787f2479b92420", + "pkg:golang/github.com/russross/blackfriday@v2.1.0?package-id=375e3e7f5063437a#v2", + "pkg:golang/github.com/shopspring/decimal@v1.3.1?package-id=b7520e06148ec358", + "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=83050e16d786ee71", + "pkg:golang/github.com/spf13/cast@v1.5.0?package-id=04275460d5f13b13", + "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=e8bd156eaddb0a3f", + "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=fbc13c4ca0aff254", + "pkg:golang/github.com/xeipuuv/gojsonpointer@v0.0.0-20190905194746-02993c407bfb?package-id=f5f4cd439f5eb629", + "pkg:golang/github.com/xeipuuv/gojsonreference@v0.0.0-20180127040603-bd5ef7bd5415?package-id=4b194307bf1b3e5c", + "pkg:golang/github.com/xeipuuv/gojsonschema@v1.2.0?package-id=380b2aa73d466aad", + "pkg:golang/github.com/xlab/treeprint@v1.2.0?package-id=2fc781a87669bfbf", + "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.45.0?package-id=4f963df28fcff2b3#net/http/otelhttp", + "pkg:golang/go.opentelemetry.io/otel/metric@v1.19.0?package-id=2988ea3eec3c7563", + "pkg:golang/go.opentelemetry.io/otel/trace@v1.19.0?package-id=dcb66e432b04fc33", + "pkg:golang/go.opentelemetry.io/otel@v1.19.0?package-id=58b109a34b0a6654", + "pkg:golang/go.starlark.net@v0.0.0-20230525235612-a134d8f9ddca?package-id=1e1a09359a514ef6", + "pkg:golang/golang.org/x/crypto@v0.17.0?package-id=6027097e9d230681", + "pkg:golang/golang.org/x/net@v0.17.0?package-id=b7cd7d70ee4b9e9b", + "pkg:golang/golang.org/x/oauth2@v0.10.0?package-id=a165f15b724df3d7", + "pkg:golang/golang.org/x/sync@v0.3.0?package-id=df78588c4984b7db", + "pkg:golang/golang.org/x/sys@v0.15.0?package-id=2e6cc63c7be556fc", + "pkg:golang/golang.org/x/term@v0.15.0?package-id=cf2d9b76aa31719a", + "pkg:golang/golang.org/x/text@v0.14.0?package-id=c2f4eff34b3df966", + "pkg:golang/golang.org/x/time@v0.3.0?package-id=a42921e911f41575", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20230822172742-b8732ec3820d?package-id=f2fa57581b80ea3c#rpc", + "pkg:golang/google.golang.org/grpc@v1.58.3?package-id=96bf04e992cfa6d7", + "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=df7b60f06ef5fd43", + "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=7fb7839f164ab09a", + "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=f0fdac75c501a330", + "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=7621e600aa412afd", + "pkg:golang/k8s.io/api@v0.29.0?package-id=1c9c90500d9e8466", + "pkg:golang/k8s.io/apiextensions-apiserver@v0.29.0?package-id=f23c30977a4e1865", + "pkg:golang/k8s.io/apimachinery@v0.29.0?package-id=d1a9ea2c0b866fe8", + "pkg:golang/k8s.io/apiserver@v0.29.0?package-id=bea4aa5bf5499784", + "pkg:golang/k8s.io/cli-runtime@v0.29.0?package-id=b6aa4c2e9f48ae34", + "pkg:golang/k8s.io/client-go@v0.29.0?package-id=d34fa1f385ba4b59", + "pkg:golang/k8s.io/component-base@v0.29.0?package-id=12c70bbbe6912259", + "pkg:golang/k8s.io/klog/v2@v2.110.1?package-id=78a98a3c5987647f", + "pkg:golang/k8s.io/kube-openapi@v0.0.0-20231010175941-2dd684a91f00?package-id=c6f0eba505f061c6", + "pkg:golang/k8s.io/kubectl@v0.29.0?package-id=8117e1ad6daa73fc", + "pkg:golang/k8s.io/utils@v0.0.0-20230726121419-3b25d923346b?package-id=2fffdeaf72b43c31", + "pkg:golang/oras.land/oras-go@v1.2.4?package-id=bcce8f5089ea0880", + "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=d11623fc11348a8e", + "pkg:golang/sigs.k8s.io/kustomize/api@v0.13.5-0.20230601165947-6ce0bf390ce3?package-id=5713706b8df200cc", + "pkg:golang/sigs.k8s.io/kustomize/kyaml@v0.14.3-0.20230601165947-6ce0bf390ce3?package-id=b9c0ef73cafb89fd", + "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.4.1?package-id=4de9ffc4e47068f1", + "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=1703f5ade90699bc", + "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" + ] + }, { "ref": "pkg:pypi/ansible-core@2.15.9?package-id=74fe538f9e2dbbdd", "dependsOn": [ @@ -21709,7 +21931,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:be185438-1bab-4ea6-9738-80d4d23f35e4", + "bom-ref": "urn:uuid:41f1ecce-8c64-4a3d-8a95-b686342613d1", "id": "CVE-2010-4756", "source": { "name": "debian-distro-debian-12", @@ -21742,7 +21964,7 @@ ] }, { - "bom-ref": "urn:uuid:002f036a-6fb6-4c8d-b7be-c9728f38e35e", + "bom-ref": "urn:uuid:36f27a4f-3437-4fef-a66a-f75103ba0271", "id": "CVE-2018-20796", "source": { "name": "debian-distro-debian-12", @@ -21775,7 +21997,7 @@ ] }, { - "bom-ref": "urn:uuid:925615c8-614a-4c2b-a19a-b4e55288e5a1", + "bom-ref": "urn:uuid:a162a9a8-b02b-4233-aacb-6e591191c247", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21808,7 +22030,7 @@ ] }, { - "bom-ref": "urn:uuid:aeb3ad7d-d25b-4a52-bce3-d59bc1d15251", + "bom-ref": "urn:uuid:bd350d67-2747-449a-bedd-cc49540ce251", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21841,7 +22063,7 @@ ] }, { - "bom-ref": "urn:uuid:33119dc2-c311-47ab-a6d6-0b1d2afe216a", + "bom-ref": "urn:uuid:d04a0ef7-c275-4cfb-9bfb-18061ec1c53d", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21874,7 +22096,7 @@ ] }, { - "bom-ref": "urn:uuid:9c16b8c1-6ea0-49a8-b8de-d23cffdb114b", + "bom-ref": "urn:uuid:cd45855f-ca53-49bd-b1b7-ca1a6d1dc1ba", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21907,7 +22129,7 @@ ] }, { - "bom-ref": "urn:uuid:ec8384b6-ed6c-430c-b7c7-d4943fd635ff", + "bom-ref": "urn:uuid:ae9e84d6-4f81-4834-a26b-5653a114d601", "id": "CVE-2019-1010022", "source": { "name": "debian-distro-debian-12", @@ -21940,7 +22162,7 @@ ] }, { - "bom-ref": "urn:uuid:fa86a38e-cf53-4699-8673-7f680936c97a", + "bom-ref": "urn:uuid:71590bbb-016a-44d8-85ca-6b43f8d9b61a", "id": "CVE-2019-1010023", "source": { "name": "debian-distro-debian-12", @@ -21973,7 +22195,7 @@ ] }, { - "bom-ref": "urn:uuid:5309387e-faba-44c1-a0de-14fd38568557", + "bom-ref": "urn:uuid:14eb3df3-3142-4ee0-b98b-f2c953a8c800", "id": "CVE-2019-1010024", "source": { "name": "debian-distro-debian-12", @@ -22006,7 +22228,7 @@ ] }, { - "bom-ref": "urn:uuid:55416d30-6efc-4f3d-919a-ad87efc40023", + "bom-ref": "urn:uuid:1561dce4-5222-4c7f-bf15-b046ba501d6a", "id": "CVE-2019-1010025", "source": { "name": "debian-distro-debian-12", @@ -22039,7 +22261,7 @@ ] }, { - "bom-ref": "urn:uuid:b5795862-2b8e-440d-ade3-1b0856df5295", + "bom-ref": "urn:uuid:f8f4f595-abfb-420d-b783-ee940e0dac6b", "id": "CVE-2019-9192", "source": { "name": "debian-distro-debian-12", @@ -22072,7 +22294,7 @@ ] }, { - "bom-ref": "urn:uuid:0e5015de-3a56-4155-bcab-5636b632fe86", + "bom-ref": "urn:uuid:ed721f74-145c-4e52-b5d2-ac29a07ada26", "id": "CVE-2021-45346", "source": { "name": "debian-distro-debian-12", @@ -22105,7 +22327,7 @@ ] }, { - "bom-ref": "urn:uuid:f9847a52-5f25-4342-b358-85834395abb9", + "bom-ref": "urn:uuid:2a79264e-c7ce-4153-b847-de1393f2c678", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -22138,7 +22360,7 @@ ] }, { - "bom-ref": "urn:uuid:38eebc01-41bd-49a7-8826-dbaa48969e2a", + "bom-ref": "urn:uuid:74322bc2-6d69-41ff-bc12-7b97846c7d1b", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -22171,7 +22393,7 @@ ] }, { - "bom-ref": "urn:uuid:0904887c-3894-4604-ab0c-a75a78b0568f", + "bom-ref": "urn:uuid:f73fde0b-2b54-40ca-8e2e-dd5b48373abc", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -22204,7 +22426,7 @@ ] }, { - "bom-ref": "urn:uuid:a91cd394-fbed-490c-9e7e-67dcffeb87f8", + "bom-ref": "urn:uuid:dc77df6d-3392-4123-a4d3-635878525999", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -22237,106 +22459,7 @@ ] }, { - "bom-ref": "urn:uuid:1cb0a821-86f1-4654-98b7-de4af7c8793b", - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - }, - "references": [ - { - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:f867369a-a700-4721-8b8b-3df7af1cd28a", - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - }, - "references": [ - { - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:f9e5ac16-c7d2-42a0-afc0-dfe50247c218", - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - }, - "references": [ - { - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:95becb42-7d16-4df6-a631-e7e0b247cb7f", + "bom-ref": "urn:uuid:cdebd2dc-f32e-46b4-b4bb-13a7c69ecb88", "id": "CVE-2023-27043", "source": { "name": "debian-distro-debian-12", @@ -22364,12 +22487,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651" } ] }, { - "bom-ref": "urn:uuid:52081d0a-15fa-48cf-837f-57a8bad062b9", + "bom-ref": "urn:uuid:1f73a160-579e-44cd-9a01-9c7bba1ab423", "id": "CVE-2023-27043", "source": { "name": "debian-distro-debian-12", @@ -22397,12 +22520,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd" } ] }, { - "bom-ref": "urn:uuid:4d059a5a-e1d3-49c9-93e8-102a82232860", + "bom-ref": "urn:uuid:2f945cff-0e19-4ba1-83ca-cd6a8b58c087", "id": "CVE-2023-27043", "source": { "name": "debian-distro-debian-12", @@ -22430,111 +22553,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22" } ] }, { - "bom-ref": "urn:uuid:0886d717-a1bc-4def-93f9-675917951f5d", - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - }, - "references": [ - { - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:a6229bac-fd28-4141-b87f-21f37089adc2", - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - }, - "references": [ - { - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:eb7c9f6a-4ba4-4c7f-8d06-407709f13190", - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - }, - "references": [ - { - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:9464ef4e-84a8-4ae1-b33d-6512fc48d75e", + "bom-ref": "urn:uuid:4cda03d3-2244-4f1a-912b-a1623a3c38c9", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -22567,7 +22591,7 @@ ] }, { - "bom-ref": "urn:uuid:91a6b2e4-9879-4cce-a6ae-de204387049d", + "bom-ref": "urn:uuid:188ade25-6bc4-4f99-bb78-9e7bc48d2de8", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -22600,7 +22624,7 @@ ] }, { - "bom-ref": "urn:uuid:67f80dd1-c40c-4f71-9d79-15d0d87c89cc", + "bom-ref": "urn:uuid:f7e8c520-5025-41f6-9620-4acb7393c058", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -22633,106 +22657,7 @@ ] }, { - "bom-ref": "urn:uuid:e30e95aa-9869-4376-809d-a6a3266b9fad", - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - }, - "references": [ - { - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:a5283d31-4d43-4443-80ff-3bf95809e369", - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - }, - "references": [ - { - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:a004f243-0b2b-4e1a-bcab-22888fc8deed", - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - }, - "references": [ - { - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:7df4d7fa-8276-4baf-8fd8-6dd8515b5f0d", + "bom-ref": "urn:uuid:e19b905c-a1fc-4cb7-b6ee-d3f10ec20d28", "id": "CVE-2023-45288", "source": { "name": "nvd-cpe", @@ -22786,7 +22711,7 @@ ] }, { - "bom-ref": "urn:uuid:c818b357-b09a-4070-97dc-5b18bf4bd18f", + "bom-ref": "urn:uuid:77846add-ce61-40df-9877-5f7753730699", "id": "CVE-2023-45289", "source": { "name": "nvd-cpe", @@ -22829,434 +22754,236 @@ ], "affects": [ { - "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" - } - ] - }, - { - "bom-ref": "urn:uuid:2d33a5a4-6443-4af8-a59c-f496fa05d25d", - "id": "CVE-2023-45290", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" - }, - "references": [ - { - "id": "CVE-2023-45290", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.", - "advisories": [ - { - "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4" - }, - { - "url": "https://go.dev/cl/569341" - }, - { - "url": "https://go.dev/issue/65383" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2024-2599" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20240329-0004/" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" - } - ] - }, - { - "bom-ref": "urn:uuid:4bae39dd-4bcc-4373-aaca-f35d17951639", - "id": "CVE-2023-45853", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" - }, - "references": [ - { - "id": "CVE-2023-45853", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" - } - } - ], - "ratings": [ - { - "severity": "critical" - } - ], - "description": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=aad1c23de303b3c3" - } - ] - }, - { - "bom-ref": "urn:uuid:d0c789e2-da7c-4818-ad4e-5e8eeaf5f11d", - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - }, - "references": [ - { - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" - } - ] - }, - { - "bom-ref": "urn:uuid:410c5058-c5e9-4c5d-85e5-db69ff2fbd2d", - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - }, - "references": [ - { - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" - } - ] - }, - { - "bom-ref": "urn:uuid:c21dda3a-379d-4762-9913-c2d983c0e325", - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - }, - "references": [ - { - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" - } - ] - }, - { - "bom-ref": "urn:uuid:855b75e3-8b26-4a3f-844d-9a2e64d6021c", - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - }, - "references": [ - { - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" + "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" } ] }, { - "bom-ref": "urn:uuid:3e8d7813-ddac-41ce-99f2-4b9a724769d8", - "id": "CVE-2023-52425", + "bom-ref": "urn:uuid:b20d2b4b-fa2b-462c-a4d5-3bab6d3ffa54", + "id": "CVE-2023-45290", "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" }, "references": [ { - "id": "CVE-2023-52425", + "id": "CVE-2023-45290", "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" } } ], "ratings": [ { - "severity": "high" + "severity": "unknown" } ], - "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", + "description": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4" + }, + { + "url": "https://go.dev/cl/569341" + }, + { + "url": "https://go.dev/issue/65383" + }, + { + "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2599" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240329-0004/" } ], "affects": [ { - "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" + "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" } ] }, { - "bom-ref": "urn:uuid:69300d13-8076-4032-862f-f639d4b54ad2", - "id": "CVE-2023-52426", + "bom-ref": "urn:uuid:f9ed1998-28d9-4a7c-a725-64b7dd52e9b3", + "id": "CVE-2023-45853", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" }, "references": [ { - "id": "CVE-2023-52426", + "id": "CVE-2023-45853", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" } } ], "ratings": [ { - "severity": "none" + "severity": "critical" } ], - "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", + "description": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" } ], "affects": [ { - "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" + "ref": "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=aad1c23de303b3c3" } ] }, { - "bom-ref": "urn:uuid:c08cbb9f-5839-49e4-8a12-1d78cdd6e465", - "id": "CVE-2023-5678", + "bom-ref": "urn:uuid:e8463751-0094-4b73-a36f-e57f0779a6c6", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" }, "references": [ { - "id": "CVE-2023-5678", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } } ], "ratings": [ { - "severity": "medium" + "severity": "unknown" } ], - "description": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", + "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" } ] }, { - "bom-ref": "urn:uuid:a5e5082f-0e12-417e-9958-678fbbe7beb9", - "id": "CVE-2023-6129", + "bom-ref": "urn:uuid:8ca1cc23-2afc-4f41-b9ed-471a619202e8", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" }, "references": [ { - "id": "CVE-2023-6129", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } } ], "ratings": [ { - "severity": "medium" + "severity": "unknown" } ], - "description": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.", + "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" } ] }, { - "bom-ref": "urn:uuid:eca76627-29f9-49ea-91f7-3a02007f658a", - "id": "CVE-2023-6237", + "bom-ref": "urn:uuid:08c259be-d3e6-436e-8717-cc0ec31da795", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" }, "references": [ { - "id": "CVE-2023-6237", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } } ], "ratings": [ { - "severity": "unknown" + "severity": "medium" } ], - "description": "Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", + "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" } ] }, { - "bom-ref": "urn:uuid:5c286f22-13c3-4367-9400-3af2de0a7af2", - "id": "CVE-2023-6597", + "bom-ref": "urn:uuid:ddc166a8-e656-4117-aaff-a47282ef02d2", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" }, "references": [ { - "id": "CVE-2023-6597", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } } ], "ratings": [ { - "severity": "high" + "severity": "medium" } ], - "description": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.", + "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" } ] }, { - "bom-ref": "urn:uuid:6037c3df-af24-4cdb-a40a-793d633a4b80", - "id": "CVE-2023-6597", + "bom-ref": "urn:uuid:45f080fd-bc7d-4e97-a41d-111ab683f909", + "id": "CVE-2023-52425", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" }, "references": [ { - "id": "CVE-2023-6597", + "id": "CVE-2023-52425", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" } } ], @@ -23265,53 +22992,53 @@ "severity": "high" } ], - "description": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.", + "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" } ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" } ] }, { - "bom-ref": "urn:uuid:fabb85fe-41e9-450b-ba1d-2bf3d0ef79d9", - "id": "CVE-2023-6597", + "bom-ref": "urn:uuid:1c94a46b-698c-424e-ac47-a7f89ef4564c", + "id": "CVE-2023-52426", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" }, "references": [ { - "id": "CVE-2023-6597", + "id": "CVE-2023-52426", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" } } ], "ratings": [ { - "severity": "high" + "severity": "none" } ], - "description": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.", + "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" } ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" + "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" } ] }, { - "bom-ref": "urn:uuid:e05efecb-cab3-4c03-869e-0827a61afb55", + "bom-ref": "urn:uuid:f3309560-6d02-444c-a533-6543fdb325a3", "id": "CVE-2023-7104", "source": { "name": "debian-distro-debian-12", @@ -23344,7 +23071,7 @@ ] }, { - "bom-ref": "urn:uuid:5e9b7326-0c63-4098-a4d8-5fa572c11f5d", + "bom-ref": "urn:uuid:bb485260-22a5-4183-af91-fc2d8444fe1a", "id": "CVE-2024-0232", "source": { "name": "debian-distro-debian-12", @@ -23377,7 +23104,7 @@ ] }, { - "bom-ref": "urn:uuid:8cd25021-78cc-4fc1-9151-6ad0992e0d62", + "bom-ref": "urn:uuid:324c1b17-61c2-4745-8773-3ee452c480ce", "id": "CVE-2024-0397", "source": { "name": "debian-distro-debian-12", @@ -23394,7 +23121,7 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "high" } ], "description": "A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.", @@ -23405,12 +23132,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651" } ] }, { - "bom-ref": "urn:uuid:103aff1b-a255-47ec-b006-c8080313fa47", + "bom-ref": "urn:uuid:05a3eee2-6535-4dfd-b6ed-7f23cc0cea91", "id": "CVE-2024-0397", "source": { "name": "debian-distro-debian-12", @@ -23427,7 +23154,7 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "high" } ], "description": "A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.", @@ -23438,12 +23165,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd" } ] }, { - "bom-ref": "urn:uuid:9603e3cc-b00c-42e0-b040-3beffda9616d", + "bom-ref": "urn:uuid:f98c368d-38c8-40a5-b239-e8be9a4754f8", "id": "CVE-2024-0397", "source": { "name": "debian-distro-debian-12", @@ -23460,7 +23187,7 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "high" } ], "description": "A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.", @@ -23471,144 +23198,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:1c036ab3-f160-47d7-a9e6-c781b0f2bdfa", - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - }, - "references": [ - { - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:edb6a447-944c-4c53-a813-66e0ca5a1b9c", - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - }, - "references": [ - { - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:38b3ad37-d47e-4320-9dd3-16fcb9cae969", - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - }, - "references": [ - { - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:6db92a85-ccf2-4761-b879-0843e08aa984", - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - }, - "references": [ - { - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22" } ] }, { - "bom-ref": "urn:uuid:44ab15d3-7185-4887-bfbd-23c942f9dfd0", + "bom-ref": "urn:uuid:194db701-609f-44dd-b72c-e05ead22f96b", "id": "CVE-2024-24783", "source": { "name": "nvd-cpe", @@ -23656,7 +23251,7 @@ ] }, { - "bom-ref": "urn:uuid:b113d987-09e7-4881-b95b-53d3790e00a0", + "bom-ref": "urn:uuid:15778f47-3ad4-49e4-860b-6c95839947fc", "id": "CVE-2024-24784", "source": { "name": "nvd-cpe", @@ -23704,7 +23299,7 @@ ] }, { - "bom-ref": "urn:uuid:c5e29acd-40f3-4e85-ab9d-27aca3fcf721", + "bom-ref": "urn:uuid:d76ad74b-a58e-4a4d-b42b-5f5b50b5df5f", "id": "CVE-2024-24785", "source": { "name": "nvd-cpe", @@ -23752,7 +23347,7 @@ ] }, { - "bom-ref": "urn:uuid:f5923e52-d299-40c6-a2c3-065bfd90e612", + "bom-ref": "urn:uuid:c19b295d-34cf-4dd7-bb59-fa1199c4a2e6", "id": "CVE-2024-24787", "source": { "name": "nvd-cpe", @@ -23769,7 +23364,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 6.4, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "description": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.", @@ -23800,7 +23398,7 @@ ] }, { - "bom-ref": "urn:uuid:75395365-0816-4522-9585-3358bf8c7702", + "bom-ref": "urn:uuid:c219334f-fdaa-4cf7-b8e6-2e4cdfd47fd5", "id": "CVE-2024-24789", "source": { "name": "nvd-cpe", @@ -23821,6 +23419,12 @@ "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" + }, + { + "score": 5.3, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "description": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.", @@ -23851,7 +23455,7 @@ ] }, { - "bom-ref": "urn:uuid:003a881f-b919-4c74-bdf3-0f3910d75774", + "bom-ref": "urn:uuid:389bd102-1ea5-4411-9dba-f3eb367f70ac", "id": "CVE-2024-24790", "source": { "name": "nvd-cpe", @@ -23899,7 +23503,49 @@ ] }, { - "bom-ref": "urn:uuid:afbe152e-99fe-4dbd-a121-fc21be4fb55f", + "bom-ref": "urn:uuid:528da391-bfe4-442c-b4e1-6f30b2084562", + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + }, + "references": [ + { + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "description": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.", + "advisories": [ + { + "url": "https://go.dev/cl/591255" + }, + { + "url": "https://go.dev/issue/67555" + }, + { + "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2963" + } + ], + "affects": [ + { + "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" + } + ] + }, + { + "bom-ref": "urn:uuid:a933b2c8-ec45-4ac6-953c-40bddcd12db8", "id": "CVE-2024-2511", "source": { "name": "debian-distro-debian-12", @@ -23927,12 +23573,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:92ae74ec-ce6b-47e6-ac50-8647c3fe5c8f", + "bom-ref": "urn:uuid:4c871d0c-c1fa-40cc-9cca-a1e0daf37296", "id": "CVE-2024-25620", "source": { "name": "nvd-cpe", @@ -23966,12 +23612,12 @@ ], "affects": [ { - "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=eaaf7e7c6c586545" + "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=a06b39d8afcd16cd" } ] }, { - "bom-ref": "urn:uuid:12a77be3-475c-4075-8536-c4c67ee2d80d", + "bom-ref": "urn:uuid:26e19a6c-8290-4a5e-8765-126905ca551f", "id": "CVE-2024-26147", "source": { "name": "nvd-cpe", @@ -24005,12 +23651,12 @@ ], "affects": [ { - "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=eaaf7e7c6c586545" + "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=a06b39d8afcd16cd" } ] }, { - "bom-ref": "urn:uuid:c422f851-4c06-4171-ae8f-906d3a887362", + "bom-ref": "urn:uuid:82e56a82-8001-481c-8ac0-7f331f4b6727", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24043,7 +23689,7 @@ ] }, { - "bom-ref": "urn:uuid:dc3cfed6-b6d9-458a-a4ae-e68c5f33b36a", + "bom-ref": "urn:uuid:c0655149-6fdd-4fa5-b07e-58ae79b6b6dc", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24076,7 +23722,7 @@ ] }, { - "bom-ref": "urn:uuid:97d57584-a178-4dd8-8ae6-dd7fbffcce24", + "bom-ref": "urn:uuid:595a4f68-26fc-4e04-8205-0c2840998226", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24109,7 +23755,7 @@ ] }, { - "bom-ref": "urn:uuid:16612a58-77de-422b-ae4e-2a9f5df9cb76", + "bom-ref": "urn:uuid:09222e10-3389-4430-8a1b-910dc6eeedd5", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24142,7 +23788,7 @@ ] }, { - "bom-ref": "urn:uuid:085b86c1-e1e0-4964-8406-85164e07b032", + "bom-ref": "urn:uuid:a86e0790-31fa-43cb-9424-f35b337a7d18", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24175,7 +23821,7 @@ ] }, { - "bom-ref": "urn:uuid:8797778d-3489-446d-94d6-dd73a66c76f6", + "bom-ref": "urn:uuid:28717fd2-9a43-4b22-8ebe-b4418ce7672c", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24208,7 +23854,7 @@ ] }, { - "bom-ref": "urn:uuid:9594d020-436c-42ce-b2bd-7c78728236c4", + "bom-ref": "urn:uuid:a7a29bcc-9c7a-485f-a7d9-05abdf803919", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24241,7 +23887,7 @@ ] }, { - "bom-ref": "urn:uuid:f5561adf-4238-4bd2-9632-7f654c73dab4", + "bom-ref": "urn:uuid:c28e8f45-3810-4e2c-8ff1-58f4c0304a2f", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24274,7 +23920,7 @@ ] }, { - "bom-ref": "urn:uuid:4da23ae0-e01f-4427-b779-20267e3db997", + "bom-ref": "urn:uuid:373a2908-a0c9-4ab1-b493-42a05b55b369", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24307,7 +23953,7 @@ ] }, { - "bom-ref": "urn:uuid:ccf288f3-105b-429f-a9c2-ff1a44393e92", + "bom-ref": "urn:uuid:7e50a625-e1fa-45ff-9e50-cb6df560f4be", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24340,7 +23986,7 @@ ] }, { - "bom-ref": "urn:uuid:c391678e-0ec2-4db8-a592-7a1ae2538676", + "bom-ref": "urn:uuid:67ea4148-359e-420d-9fab-4865ea37b65d", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24373,7 +24019,7 @@ ] }, { - "bom-ref": "urn:uuid:f236bafb-e7db-4835-9ce2-6be505bc2efa", + "bom-ref": "urn:uuid:01c498c5-033f-4bad-b9e6-e15f20c7c058", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24406,7 +24052,7 @@ ] }, { - "bom-ref": "urn:uuid:8135e4b8-3ffd-423c-b3ac-b0e54f491c4c", + "bom-ref": "urn:uuid:8221485d-c5d0-467c-a789-237300a0c248", "id": "CVE-2024-28757", "source": { "name": "debian-distro-debian-12", @@ -24439,7 +24085,7 @@ ] }, { - "bom-ref": "urn:uuid:a7a847bb-2708-460e-b27f-e4e5c5aab7e6", + "bom-ref": "urn:uuid:1688b8db-9de6-4bad-b5d6-fbe70f05df04", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24459,6 +24105,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24471,7 +24118,7 @@ ] }, { - "bom-ref": "urn:uuid:df14a34c-2623-431f-8341-2193163b338b", + "bom-ref": "urn:uuid:54ddd5a1-124b-4daf-8dd3-ff20d8638cf3", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24491,6 +24138,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24503,7 +24151,7 @@ ] }, { - "bom-ref": "urn:uuid:2c0e1072-9113-49a9-a2be-05e6526e9705", + "bom-ref": "urn:uuid:3b7b8448-6ee4-4eb7-8380-0d2787b14eb7", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24523,6 +24171,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24535,7 +24184,7 @@ ] }, { - "bom-ref": "urn:uuid:545c0297-be68-4052-9fd7-68952967af56", + "bom-ref": "urn:uuid:df216360-472e-4ec9-9085-25269ebc26ff", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24555,6 +24204,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24567,7 +24217,7 @@ ] }, { - "bom-ref": "urn:uuid:1a9e8a4c-f654-4d1d-80c9-452a42c4de90", + "bom-ref": "urn:uuid:d55df39f-3af9-44b3-8cfd-873c86f763b7", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24587,6 +24237,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24599,7 +24250,7 @@ ] }, { - "bom-ref": "urn:uuid:4d352e4e-412a-4b35-8e2e-d6b77921b828", + "bom-ref": "urn:uuid:e7cf51d7-4126-4755-a362-70f67676c1eb", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24619,6 +24270,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24631,7 +24283,7 @@ ] }, { - "bom-ref": "urn:uuid:59524d28-8cee-494f-bd61-193a80c6612d", + "bom-ref": "urn:uuid:14c4299e-dccb-4450-9069-88ba874665d6", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24651,6 +24303,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24663,7 +24316,7 @@ ] }, { - "bom-ref": "urn:uuid:fc8a85aa-452c-4508-8bd2-0254cf6195ae", + "bom-ref": "urn:uuid:f0a48e13-0564-47bf-9d5c-5f50b9a1b8d2", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24683,6 +24336,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24695,7 +24349,7 @@ ] }, { - "bom-ref": "urn:uuid:3fa22181-c5e9-4dfd-9a30-40a05cfe7102", + "bom-ref": "urn:uuid:d1098d2c-1e1e-4e53-a4f3-b65adf84c347", "id": "CVE-2024-4030", "source": { "name": "nvd-cpe", @@ -24712,7 +24366,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 7.1, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "description": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix “700” for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.\n", @@ -24762,12 +24419,12 @@ ], "affects": [ { - "ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4" + "ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9" } ] }, { - "bom-ref": "urn:uuid:9c35a12b-02b6-44c6-9890-181f14a0b1d0", + "bom-ref": "urn:uuid:3ea4a85a-2060-41b0-906f-5e8d2a899f57", "id": "CVE-2024-4032", "source": { "name": "debian-distro-debian-12", @@ -24795,12 +24452,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651" } ] }, { - "bom-ref": "urn:uuid:27f15636-2210-450c-9fa7-25a9081631f1", + "bom-ref": "urn:uuid:87431fa3-2ecc-441d-9167-5b95be17f912", "id": "CVE-2024-4032", "source": { "name": "debian-distro-debian-12", @@ -24828,12 +24485,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd" } ] }, { - "bom-ref": "urn:uuid:b404c9e9-54c9-44c7-a421-97de3a09df80", + "bom-ref": "urn:uuid:68fe0944-bd2f-41a2-8843-6e268be11f3d", "id": "CVE-2024-4032", "source": { "name": "nvd-cpe", @@ -24894,12 +24551,12 @@ ], "affects": [ { - "ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4" + "ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9" } ] }, { - "bom-ref": "urn:uuid:dd998722-5580-4ee4-8385-4d82fb3007cd", + "bom-ref": "urn:uuid:015736de-b764-40d2-9089-7a9f3ce69177", "id": "CVE-2024-4032", "source": { "name": "debian-distro-debian-12", @@ -24927,12 +24584,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22" } ] }, { - "bom-ref": "urn:uuid:b964e5a7-9bbc-4e38-960c-55cfb195e8b1", + "bom-ref": "urn:uuid:b75c3a98-8c83-48f2-9e42-46e5fba28f78", "id": "CVE-2024-4603", "source": { "name": "debian-distro-debian-12", @@ -24960,12 +24617,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:d81d8a13-cf38-4358-b7da-e13e68ce8c58", + "bom-ref": "urn:uuid:4dfea1f8-dbbf-4b76-9903-82d73a972338", "id": "CVE-2024-4741", "source": { "name": "debian-distro-debian-12", @@ -24992,12 +24649,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:10362e70-aaf7-418a-91e9-3dd0d9134052", + "bom-ref": "urn:uuid:e4b5a62f-c678-444f-8b65-109ecbb00626", "id": "CVE-2024-5535", "source": { "name": "debian-distro-debian-12", @@ -25014,9 +24671,10 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "critical" } ], + "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-5535" @@ -25024,12 +24682,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:d114abf1-1074-4490-b491-28b274dfce8f", + "bom-ref": "urn:uuid:35d90b32-4bcb-43c8-9f71-fb7d3364bdcf", "id": "GHSA-34jh-p97f-mpxf", "source": { "name": "github-language-python", @@ -25065,7 +24723,7 @@ ] }, { - "bom-ref": "urn:uuid:d145f998-8711-4ad7-9ff7-0ab906c89aab", + "bom-ref": "urn:uuid:782914fa-2450-46aa-a6df-6bc756154f28", "id": "GHSA-4v7x-pqxf-cx7m", "source": { "name": "github-language-go", @@ -25101,7 +24759,7 @@ ] }, { - "bom-ref": "urn:uuid:8fbb3828-e208-4acf-bb7c-5e7a0874fc1d", + "bom-ref": "urn:uuid:50c50c9d-1e09-4abb-ba4f-ca9c3c3b10a8", "id": "GHSA-4v7x-pqxf-cx7m", "source": { "name": "github-language-go", @@ -25132,12 +24790,12 @@ ], "affects": [ { - "ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=a2fce92e144fbc71" + "ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=74d027b531e7de02" } ] }, { - "bom-ref": "urn:uuid:b73b63b4-4166-4482-87db-202d96f57c3f", + "bom-ref": "urn:uuid:1012cfb4-941a-4f07-81e5-426eefb99545", "id": "GHSA-8r3f-844c-mc37", "source": { "name": "github-language-go", @@ -25170,7 +24828,7 @@ ] }, { - "bom-ref": "urn:uuid:ec60222d-8ace-47ad-8f4a-a0822e703b08", + "bom-ref": "urn:uuid:f97da229-7ece-4ab9-84d4-9bbfdda7961b", "id": "GHSA-8r3f-844c-mc37", "source": { "name": "github-language-go", @@ -25198,12 +24856,12 @@ ], "affects": [ { - "ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=2d01130f548ca187" + "ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=cf0a618c2651fffc" } ] }, { - "bom-ref": "urn:uuid:3eff5f22-5b69-4110-80d5-c365e48620ca", + "bom-ref": "urn:uuid:d9155825-2b1f-41c3-a81c-e48469494c36", "id": "GHSA-9wx4-h78v-vm56", "source": { "name": "github-language-python", @@ -25239,7 +24897,7 @@ ] }, { - "bom-ref": "urn:uuid:ffe30ab8-7a21-4970-98d6-8c4b5fe33f63", + "bom-ref": "urn:uuid:2d7bfd20-615e-4ab9-8f92-e252ef35ffb9", "id": "GHSA-h75v-3vvj-5mfj", "source": { "name": "github-language-python", @@ -25275,7 +24933,7 @@ ] }, { - "bom-ref": "urn:uuid:59d22981-6e6d-4452-908f-2b3bec6fb078", + "bom-ref": "urn:uuid:937c9d17-5176-45e4-8ae7-68b4119a89df", "id": "GHSA-jjg7-2v4v-x38h", "source": { "name": "github-language-python", @@ -25311,7 +24969,7 @@ ] }, { - "bom-ref": "urn:uuid:279d21a5-716c-4058-9c8c-a2be8efa6b5d", + "bom-ref": "urn:uuid:4e90fa37-7197-490d-8342-b1e807233aab", "id": "GHSA-jw44-4f3j-q396", "source": { "name": "github-language-go", @@ -25344,7 +25002,7 @@ ] }, { - "bom-ref": "urn:uuid:d65d89ee-f532-44af-b12d-a70daad23390", + "bom-ref": "urn:uuid:a0b90c9d-1e96-4fb7-b525-8c90b0315d8b", "id": "GHSA-r53h-jv2g-vpx6", "source": { "name": "github-language-go", @@ -25380,7 +25038,7 @@ ] }, { - "bom-ref": "urn:uuid:c17c669e-b98f-4ba7-848a-19090c05820d", + "bom-ref": "urn:uuid:f8a20abb-4aea-4c37-9342-7b269484a42f", "id": "GHSA-v53g-5gjp-272r", "source": { "name": "github-language-go", @@ -25416,7 +25074,7 @@ ] }, { - "bom-ref": "urn:uuid:3f89fadd-b804-4607-9d3f-a1987661aa69", + "bom-ref": "urn:uuid:361d9796-543e-4855-af4a-6c163eb65841", "id": "GHSA-xw73-rw38-6vjc", "source": { "name": "github-language-go", diff --git a/sboms/docker.io_vectorim_ess-core-updater-conversion-webhook:2.18.6.json b/sboms/docker.io_vectorim_ess-core-updater-conversion-webhook:2.19.0.json similarity index 85% rename from sboms/docker.io_vectorim_ess-core-updater-conversion-webhook:2.18.6.json rename to sboms/docker.io_vectorim_ess-core-updater-conversion-webhook:2.19.0.json index b55a168..0721c5b 100644 --- a/sboms/docker.io_vectorim_ess-core-updater-conversion-webhook:2.18.6.json +++ b/sboms/docker.io_vectorim_ess-core-updater-conversion-webhook:2.19.0.json @@ -1,26 +1,26 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:c60bde99-3c8f-4da6-946e-26ab4f1df83e", + "specVersion": "1.6", + "serialNumber": "urn:uuid:462be60e-5612-4ba5-8898-c026e34cc6cf", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:59:28Z", + "timestamp": "2024-07-05T12:07:40Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "20a5a6a425e2f13f", + "bom-ref": "3f639c989188d87b", "type": "container", - "name": "docker.io/vectorim/ess-core-updater-conversion-webhook:2.18.6@sha256:0a5eb57327364f187a0f5ff948dd42baebf49f1ab1c40c393571651871d255d7", - "version": "sha256:0a5eb57327364f187a0f5ff948dd42baebf49f1ab1c40c393571651871d255d7" + "name": "docker.io/vectorim/ess-core-updater-conversion-webhook:2.19.0@sha256:21e7925e0613b259795adbb554acdcab7a1870ea219a88aaaafb85f1db832a5c", + "version": "sha256:21e7925e0613b259795adbb554acdcab7a1870ea219a88aaaafb85f1db832a5c" }, "properties": [ { @@ -31,11 +31,11 @@ }, "components": [ { - "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=854ccee33785ad46", + "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=61199aa239b084c0", "type": "library", "publisher": "Santiago Vila ", "name": "base-files", - "version": "12.4+deb12u5", + "version": "12.4+deb12u6", "licenses": [ { "license": { @@ -43,8 +43,8 @@ } } ], - "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12", + "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -60,27 +60,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:0:path", @@ -88,7 +88,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:1:path", @@ -96,7 +96,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:2:path", @@ -109,7 +109,7 @@ ] }, { - "bom-ref": "pkg:golang/command-line-arguments@(devel)?package-id=b74fa1301f043268", + "bom-ref": "pkg:golang/command-line-arguments@(devel)?package-id=4174acb63a7bb646", "type": "library", "name": "command-line-arguments", "version": "(devel)", @@ -133,7 +133,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -145,7 +145,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -158,7 +158,7 @@ ] }, { - "bom-ref": "pkg:golang/element.io/conversion-webhook@(devel)?package-id=4b1ce2c22ef41ecb", + "bom-ref": "pkg:golang/element.io/conversion-webhook@(devel)?package-id=88ab5d1c8c140d36", "type": "library", "name": "element.io/conversion-webhook", "version": "(devel)", @@ -182,7 +182,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -194,7 +194,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -207,7 +207,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=fa5c1f779071ab1d", + "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=8a99b9e71ad7164b", "type": "library", "name": "github.com/davecgh/go-spew", "version": "v1.1.1", @@ -236,7 +236,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -248,7 +248,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -265,7 +265,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.9.0?package-id=ba1f1c9caaa7f9a1#v3", + "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.9.0?package-id=728bf5326b69b861#v3", "type": "library", "name": "github.com/emicklei/go-restful/v3", "version": "v3.9.0", @@ -294,7 +294,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -306,7 +306,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -323,7 +323,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.2.4?package-id=dee55c761f23a544", + "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.2.4?package-id=3846a049cb88b4c6", "type": "library", "name": "github.com/go-logr/logr", "version": "v1.2.4", @@ -356,7 +356,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -368,7 +368,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -385,7 +385,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=bc8ba8d136fae4aa", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=978f4b1a7be33f9d", "type": "library", "name": "github.com/go-openapi/jsonpointer", "version": "v0.19.6", @@ -418,7 +418,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -430,7 +430,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -447,7 +447,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=09ae0a3965838ab9", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=1ce363815d685dc3", "type": "library", "name": "github.com/go-openapi/jsonreference", "version": "v0.20.2", @@ -480,7 +480,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -492,7 +492,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -509,7 +509,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=b029c0d82fc1ea8b", + "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=406c3205666ea61c", "type": "library", "name": "github.com/go-openapi/swag", "version": "v0.22.3", @@ -542,7 +542,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -554,7 +554,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -571,7 +571,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=7fdb47937adc84f2", + "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=051e75e03536e924", "type": "library", "name": "github.com/gogo/protobuf", "version": "v1.3.2", @@ -596,7 +596,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -608,7 +608,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -625,7 +625,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=32db018d4061cda0", + "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=b08d098205905880", "type": "library", "name": "github.com/golang/protobuf", "version": "v1.5.3", @@ -650,7 +650,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -662,7 +662,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -679,7 +679,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=afa9c88637ce6a36", + "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=19d6585db2026a9d", "type": "library", "name": "github.com/google/gnostic-models", "version": "v0.6.8", @@ -708,7 +708,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -720,7 +720,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -737,7 +737,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.5.9?package-id=e60e375f9a1d0db7", + "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.5.9?package-id=4ce487588bbcebb5", "type": "library", "name": "github.com/google/go-cmp", "version": "v0.5.9", @@ -766,7 +766,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -778,7 +778,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -795,7 +795,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=79c7fa643a05ce00", + "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=c27efff79b965ce6", "type": "library", "name": "github.com/google/gofuzz", "version": "v1.2.0", @@ -820,7 +820,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -832,7 +832,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -849,7 +849,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/uuid@v1.3.0?package-id=93cabcce4c0cdcf7", + "bom-ref": "pkg:golang/github.com/google/uuid@v1.3.0?package-id=7ae2d23439c514b7", "type": "library", "name": "github.com/google/uuid", "version": "v1.3.0", @@ -874,7 +874,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -886,7 +886,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -903,7 +903,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=77217bbaa863660f", + "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=d6f22c66ce5ed74b", "type": "library", "name": "github.com/josharian/intern", "version": "v1.0.0", @@ -928,7 +928,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -940,7 +940,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -957,7 +957,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=6459eee723ea63d0", + "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=8a2bdfcf3b0728f5", "type": "library", "name": "github.com/json-iterator/go", "version": "v1.1.12", @@ -990,7 +990,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1002,7 +1002,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1019,7 +1019,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=fc3e1dc6c87dfeb5", + "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=06de5d2b4a776f06", "type": "library", "name": "github.com/mailru/easyjson", "version": "v0.7.7", @@ -1044,7 +1044,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1056,7 +1056,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1073,7 +1073,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=5040b2e30327e974", + "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=165e3582195900f6", "type": "library", "name": "github.com/modern-go/concurrent", "version": "v0.0.0-20180306012644-bacd9c7ef1dd", @@ -1106,7 +1106,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1118,7 +1118,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1135,7 +1135,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=2de08a81eac24afb", + "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=8a10d7e202c2e37d", "type": "library", "name": "github.com/modern-go/reflect2", "version": "v1.0.2", @@ -1168,7 +1168,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1180,7 +1180,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1197,7 +1197,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=e1366a931f0f2084", + "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=a0193002c990cc91", "type": "library", "name": "github.com/munnerz/goautoneg", "version": "v0.0.0-20191010083416-a7dc8b61c822", @@ -1222,7 +1222,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1234,7 +1234,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1251,7 +1251,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.7.0?package-id=26f4acc7a7a2d248", + "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.7.0?package-id=fba62855b80a7997", "type": "library", "name": "github.com/spf13/cobra", "version": "v1.7.0", @@ -1276,7 +1276,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1288,7 +1288,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1305,7 +1305,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=12cfc690dcc153df", + "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=044210eb72037bbb", "type": "library", "name": "github.com/spf13/pflag", "version": "v1.0.5", @@ -1330,7 +1330,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1342,7 +1342,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1359,7 +1359,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=184f41c87b5f4140", + "bom-ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=172682ed9da5cfc1", "type": "library", "name": "golang.org/x/net", "version": "v0.17.0", @@ -1384,7 +1384,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1396,7 +1396,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1413,7 +1413,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.8.0?package-id=d252c36980d28ce1", + "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.8.0?package-id=d1c814a81c4bff8b", "type": "library", "name": "golang.org/x/oauth2", "version": "v0.8.0", @@ -1438,7 +1438,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1450,7 +1450,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1467,7 +1467,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.13.0?package-id=e83e1555fa2474b4", + "bom-ref": "pkg:golang/golang.org/x/sys@v0.13.0?package-id=1da4ac5e06a1c483", "type": "library", "name": "golang.org/x/sys", "version": "v0.13.0", @@ -1492,7 +1492,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1504,7 +1504,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1521,7 +1521,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/term@v0.13.0?package-id=4c1abc1476f3ae86", + "bom-ref": "pkg:golang/golang.org/x/term@v0.13.0?package-id=145051a3a0242595", "type": "library", "name": "golang.org/x/term", "version": "v0.13.0", @@ -1546,7 +1546,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1558,7 +1558,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1575,7 +1575,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/text@v0.13.0?package-id=1c326286f814f028", + "bom-ref": "pkg:golang/golang.org/x/text@v0.13.0?package-id=815966c4ee4e7e8e", "type": "library", "name": "golang.org/x/text", "version": "v0.13.0", @@ -1600,7 +1600,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1612,7 +1612,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1629,7 +1629,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/time@v0.3.0?package-id=fd2309d20c5d5c2f", + "bom-ref": "pkg:golang/golang.org/x/time@v0.3.0?package-id=971a45cce76af353", "type": "library", "name": "golang.org/x/time", "version": "v0.3.0", @@ -1654,7 +1654,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1666,7 +1666,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1683,7 +1683,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=af5d4ca034475bc2", + "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=e2a287f9c8247926", "type": "library", "name": "google.golang.org/protobuf", "version": "v1.30.0", @@ -1708,7 +1708,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1720,7 +1720,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1737,7 +1737,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=f5bbaf123d08f5e7", + "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=59b64cb71bacc2f3", "type": "library", "name": "gopkg.in/inf.v0", "version": "v0.9.1", @@ -1761,7 +1761,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1773,7 +1773,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1790,7 +1790,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=6689640c6df7d600", + "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=b6896eb38c75f887", "type": "library", "name": "gopkg.in/yaml.v2", "version": "v2.4.0", @@ -1814,7 +1814,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1826,7 +1826,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1843,7 +1843,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=3ca4d3af38c404fd", + "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=a0927f901869b9fb", "type": "library", "name": "gopkg.in/yaml.v3", "version": "v3.0.1", @@ -1868,7 +1868,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1880,7 +1880,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1897,7 +1897,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/api@v0.28.3?package-id=df789aefea0eb43c", + "bom-ref": "pkg:golang/k8s.io/api@v0.28.3?package-id=473d7e7e78448944", "type": "library", "name": "k8s.io/api", "version": "v0.28.3", @@ -1921,7 +1921,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1933,7 +1933,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1950,7 +1950,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.3?package-id=c5d4e9b997b01b4d", + "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.3?package-id=ca51d2ac0dfbda3e", "type": "library", "name": "k8s.io/apiextensions-apiserver", "version": "v0.28.3", @@ -1974,7 +1974,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -1986,7 +1986,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2003,7 +2003,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.3?package-id=378c52edad8d8b07", + "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.3?package-id=82c68d4f4f2f27e8", "type": "library", "name": "k8s.io/apimachinery", "version": "v0.28.3", @@ -2027,7 +2027,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2039,7 +2039,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2056,7 +2056,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.3?package-id=e97aaa4eec507e60", + "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.3?package-id=a31c6de51e0e5673", "type": "library", "name": "k8s.io/client-go", "version": "v0.28.3", @@ -2080,7 +2080,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2092,7 +2092,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2109,7 +2109,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/klog@v1.0.0?package-id=ba9212ddb8575c66", + "bom-ref": "pkg:golang/k8s.io/klog@v1.0.0?package-id=1c404a6e7b0e5fb4", "type": "library", "name": "k8s.io/klog", "version": "v1.0.0", @@ -2133,7 +2133,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2145,7 +2145,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2162,7 +2162,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=24704a64f54f6c56", + "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=c755157f1b97c18c", "type": "library", "name": "k8s.io/klog/v2", "version": "v2.100.1", @@ -2187,7 +2187,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2199,7 +2199,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2216,7 +2216,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=1acaf3e7a7182c7a", + "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=d7e794af7fdea772", "type": "library", "name": "k8s.io/kube-openapi", "version": "v0.0.0-20230717233707-2695361300d9", @@ -2240,7 +2240,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2252,7 +2252,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2269,7 +2269,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20230406110748-d93618cff8a2?package-id=f3406e1b871d0bd5", + "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20230406110748-d93618cff8a2?package-id=537c88bfbe32e49f", "type": "library", "name": "k8s.io/utils", "version": "v0.0.0-20230406110748-d93618cff8a2", @@ -2293,7 +2293,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2305,7 +2305,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2380,7 +2380,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=07b6acffcbae3bfa", + "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=ae75d75944b68e1b", "type": "library", "name": "sigs.k8s.io/json", "version": "v0.0.0-20221116044647-bc3834ca7abd", @@ -2404,7 +2404,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2416,7 +2416,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2433,7 +2433,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=6791804e2dd75ce5", + "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=8afad73138d314df", "type": "library", "name": "sigs.k8s.io/structured-merge-diff/v4", "version": "v4.2.3", @@ -2474,7 +2474,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2486,7 +2486,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2503,7 +2503,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=d76a6399e4f0d93b", + "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=f84e254ba2f9fcdb", "type": "library", "name": "sigs.k8s.io/yaml", "version": "v1.3.0", @@ -2527,7 +2527,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2539,7 +2539,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2556,10 +2556,10 @@ ] }, { - "bom-ref": "pkg:golang/stdlib@1.21.11?package-id=b78446cd8972cf78", + "bom-ref": "pkg:golang/stdlib@1.21.12?package-id=93110a46168a372e", "type": "library", "name": "stdlib", - "version": "go1.21.11", + "version": "go1.21.12", "licenses": [ { "license": { @@ -2567,8 +2567,8 @@ } } ], - "cpe": "cpe:2.3:a:golang:go:1.21.11:-:*:*:*:*:*:*", - "purl": "pkg:golang/stdlib@1.21.11", + "cpe": "cpe:2.3:a:golang:go:1.21.12:-:*:*:*:*:*:*", + "purl": "pkg:golang/stdlib@1.21.12", "properties": [ { "name": "syft:package:language", @@ -2584,7 +2584,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:1ee75e6379426345d8aa5e808eb66e6d714e7c1ab3a0a6c99f189c9bee130266" + "value": "sha256:4e28a33372a762708b5d0a8f2469e1ba11aefdbef097f5e8b3803e844111e4e0" }, { "name": "syft:location:0:path", @@ -2592,7 +2592,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.21.11" + "value": "go1.21.12" } ] }, @@ -2696,9 +2696,59 @@ ] } ], + "dependencies": [ + { + "ref": "pkg:golang/command-line-arguments@(devel)?package-id=4174acb63a7bb646", + "dependsOn": [ + "pkg:golang/element.io/conversion-webhook@(devel)?package-id=88ab5d1c8c140d36", + "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=8a99b9e71ad7164b", + "pkg:golang/github.com/emicklei/go-restful@v3.9.0?package-id=728bf5326b69b861#v3", + "pkg:golang/github.com/go-logr/logr@v1.2.4?package-id=3846a049cb88b4c6", + "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=978f4b1a7be33f9d", + "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=1ce363815d685dc3", + "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=406c3205666ea61c", + "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=051e75e03536e924", + "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=b08d098205905880", + "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=19d6585db2026a9d", + "pkg:golang/github.com/google/go-cmp@v0.5.9?package-id=4ce487588bbcebb5", + "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=c27efff79b965ce6", + "pkg:golang/github.com/google/uuid@v1.3.0?package-id=7ae2d23439c514b7", + "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=d6f22c66ce5ed74b", + "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=8a2bdfcf3b0728f5", + "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=06de5d2b4a776f06", + "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=165e3582195900f6", + "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=8a10d7e202c2e37d", + "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=a0193002c990cc91", + "pkg:golang/github.com/spf13/cobra@v1.7.0?package-id=fba62855b80a7997", + "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=044210eb72037bbb", + "pkg:golang/golang.org/x/net@v0.17.0?package-id=172682ed9da5cfc1", + "pkg:golang/golang.org/x/oauth2@v0.8.0?package-id=d1c814a81c4bff8b", + "pkg:golang/golang.org/x/sys@v0.13.0?package-id=1da4ac5e06a1c483", + "pkg:golang/golang.org/x/term@v0.13.0?package-id=145051a3a0242595", + "pkg:golang/golang.org/x/text@v0.13.0?package-id=815966c4ee4e7e8e", + "pkg:golang/golang.org/x/time@v0.3.0?package-id=971a45cce76af353", + "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=e2a287f9c8247926", + "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=59b64cb71bacc2f3", + "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=b6896eb38c75f887", + "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=a0927f901869b9fb", + "pkg:golang/k8s.io/api@v0.28.3?package-id=473d7e7e78448944", + "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.3?package-id=ca51d2ac0dfbda3e", + "pkg:golang/k8s.io/apimachinery@v0.28.3?package-id=82c68d4f4f2f27e8", + "pkg:golang/k8s.io/client-go@v0.28.3?package-id=a31c6de51e0e5673", + "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=c755157f1b97c18c", + "pkg:golang/k8s.io/klog@v1.0.0?package-id=1c404a6e7b0e5fb4", + "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=d7e794af7fdea772", + "pkg:golang/k8s.io/utils@v0.0.0-20230406110748-d93618cff8a2?package-id=537c88bfbe32e49f", + "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=ae75d75944b68e1b", + "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=8afad73138d314df", + "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=f84e254ba2f9fcdb", + "pkg:golang/stdlib@1.21.12?package-id=93110a46168a372e" + ] + } + ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:82274451-8c45-4925-b589-ab252867a311", + "bom-ref": "urn:uuid:b25a7496-b9e6-4f46-9a39-800a386c6ea9", "id": "GHSA-4v7x-pqxf-cx7m", "source": { "name": "github-language-go", @@ -2729,12 +2779,12 @@ ], "affects": [ { - "ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=184f41c87b5f4140" + "ref": "pkg:golang/golang.org/x/net@v0.17.0?package-id=172682ed9da5cfc1" } ] }, { - "bom-ref": "urn:uuid:85128714-7808-401c-ba39-6e7d16314e16", + "bom-ref": "urn:uuid:57720fb6-3404-4b89-9862-35feca7e6909", "id": "GHSA-8r3f-844c-mc37", "source": { "name": "github-language-go", @@ -2762,7 +2812,7 @@ ], "affects": [ { - "ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=af5d4ca034475bc2" + "ref": "pkg:golang/google.golang.org/protobuf@v1.30.0?package-id=e2a287f9c8247926" } ] } diff --git a/sboms/docker.io_vectorim_ess-core-updater:2.18.6.json b/sboms/docker.io_vectorim_ess-core-updater:2.19.0.json similarity index 90% rename from sboms/docker.io_vectorim_ess-core-updater:2.18.6.json rename to sboms/docker.io_vectorim_ess-core-updater:2.19.0.json index 848e897..ad290c1 100644 --- a/sboms/docker.io_vectorim_ess-core-updater:2.18.6.json +++ b/sboms/docker.io_vectorim_ess-core-updater:2.19.0.json @@ -1,26 +1,26 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:356d1744-7f3b-47d7-b461-80c6e1298db7", + "specVersion": "1.6", + "serialNumber": "urn:uuid:77d2534f-76bd-47b9-99bf-9e88fa80d5eb", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:59:37Z", + "timestamp": "2024-07-05T11:52:09Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "f9ecd3b9841774f0", + "bom-ref": "6cd0e5773039767c", "type": "container", - "name": "docker.io/vectorim/ess-core-updater:2.18.6@sha256:9da4ac30d569c562322cfacd279b929c9c33db9d33d11a76a26d9be7f92ef264", - "version": "sha256:9da4ac30d569c562322cfacd279b929c9c33db9d33d11a76a26d9be7f92ef264" + "name": "docker.io/vectorim/ess-core-updater:2.19.0@sha256:cbeecc9a575cef6a5fe5a7ecfa88a20c496eedb5f20f500c9c85b66d8150f51c", + "version": "sha256:cbeecc9a575cef6a5fe5a7ecfa88a20c496eedb5f20f500c9c85b66d8150f51c" }, "properties": [ { @@ -107,7 +107,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -115,7 +115,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -123,7 +123,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -208,7 +208,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -216,7 +216,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -224,7 +224,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -382,7 +382,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -390,7 +390,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -398,7 +398,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -432,7 +432,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -466,7 +466,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -500,7 +500,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -534,7 +534,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -568,7 +568,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -602,7 +602,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -864,7 +864,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -872,7 +872,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -880,7 +880,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1142,7 +1142,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1150,7 +1150,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1158,7 +1158,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1436,7 +1436,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1444,7 +1444,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1452,7 +1452,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1461,11 +1461,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=854ccee33785ad46", + "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12&package-id=61199aa239b084c0", "type": "library", "publisher": "Santiago Vila ", "name": "base-files", - "version": "12.4+deb12u5", + "version": "12.4+deb12u6", "licenses": [ { "license": { @@ -1473,8 +1473,8 @@ } } ], - "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12", + "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u6?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -1490,27 +1490,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u6:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:0:path", @@ -1518,7 +1518,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:1:path", @@ -1526,7 +1526,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" + "value": "sha256:f144bb4c7c7f0d2aa7eeffd36d934ec40db1ee167be727e326aad9fdc616f475" }, { "name": "syft:location:2:path", @@ -1664,7 +1664,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1672,7 +1672,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1680,7 +1680,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1838,7 +1838,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1846,7 +1846,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1854,7 +1854,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -1896,7 +1896,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -1904,7 +1904,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -1912,7 +1912,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2058,7 +2058,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2066,7 +2066,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2074,7 +2074,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2304,7 +2304,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2312,7 +2312,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2320,7 +2320,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2339,7 +2339,7 @@ "expression": "Apache-2.0 OR BSD-3-Clause" } ], - "cpe": "cpe:2.3:a:python-cryptography_project:python-cryptography:42.0.5:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:cryptography_project:cryptography:42.0.5:*:*:*:*:python:*:*", "purl": "pkg:pypi/cryptography@42.0.5", "properties": [ { @@ -2360,11 +2360,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:cryptography_project:cryptography:42.0.5:*:*:*:*:python:*:*" + "value": "cpe:2.3:a:python-cryptography_project:python-cryptography:42.0.5:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2372,7 +2372,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2380,7 +2380,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2538,7 +2538,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -2546,7 +2546,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -2554,7 +2554,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -2588,7 +2588,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2638,7 +2638,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2688,7 +2688,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2738,7 +2738,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2788,7 +2788,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2838,7 +2838,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2888,7 +2888,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -2913,7 +2913,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=9f46f32c09dac19d#runtime/Go/antlr/v4", + "bom-ref": "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=9820ee9f552e7470#runtime/Go/antlr/v4", "type": "library", "name": "github.com/antlr/antlr4/runtime/Go/antlr/v4", "version": "v4.0.0-20230305170008-8188dc5388df", @@ -2938,7 +2938,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -2950,7 +2950,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2992,7 +2992,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3042,7 +3042,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3067,7 +3067,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=88e1cd04c607cb87", + "bom-ref": "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=d852910acaf00c85", "type": "library", "name": "github.com/beorn7/perks", "version": "v1.0.1", @@ -3092,7 +3092,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3104,7 +3104,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3121,7 +3121,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/blang/semver@v4.0.0?package-id=1cadb9cb6c80c53d#v4", + "bom-ref": "pkg:golang/github.com/blang/semver@v4.0.0?package-id=f24029dabee86752#v4", "type": "library", "name": "github.com/blang/semver/v4", "version": "v4.0.0", @@ -3146,7 +3146,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3158,7 +3158,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3200,7 +3200,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3225,7 +3225,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=45ff925547467394#v2", + "bom-ref": "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=5b1ea50cec38dae0#v2", "type": "library", "name": "github.com/cespare/xxhash/v2", "version": "v2.2.0", @@ -3250,7 +3250,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3262,7 +3262,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3308,7 +3308,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3358,7 +3358,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3408,7 +3408,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3462,7 +3462,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3516,7 +3516,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3570,7 +3570,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3595,7 +3595,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796af33cc?package-id=6a41ad830a35fa3a", + "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796af33cc?package-id=021e8a8075bc6c38", "type": "library", "name": "github.com/davecgh/go-spew", "version": "v1.1.2-0.20180830191138-d8f796af33cc", @@ -3624,7 +3624,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -3636,7 +3636,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3678,7 +3678,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3728,7 +3728,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3778,7 +3778,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3832,7 +3832,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3886,7 +3886,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3940,7 +3940,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -3994,7 +3994,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4048,7 +4048,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4073,7 +4073,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=3794a0163dd334af#v3", + "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=1f69a39e1f7265fd#v3", "type": "library", "name": "github.com/emicklei/go-restful/v3", "version": "v3.11.0", @@ -4102,7 +4102,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4114,7 +4114,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4160,7 +4160,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4185,7 +4185,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/evanphx/json-patch@v5.6.0?package-id=abee44916e74a7d5#v5", + "bom-ref": "pkg:golang/github.com/evanphx/json-patch@v5.6.0?package-id=62d8e6aa96ad4427#v5", "type": "library", "name": "github.com/evanphx/json-patch/v5", "version": "v5.6.0", @@ -4214,7 +4214,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4226,7 +4226,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4276,7 +4276,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4326,7 +4326,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4376,7 +4376,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4401,7 +4401,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=2a68babff60244a4", + "bom-ref": "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=cea6ffc8e85be392", "type": "library", "name": "github.com/fsnotify/fsnotify", "version": "v1.7.0", @@ -4426,7 +4426,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4438,7 +4438,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4480,7 +4480,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4538,7 +4538,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4596,7 +4596,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4654,7 +4654,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4679,7 +4679,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=cd8352a43a5b0d62", + "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=f48abfd7204df8a0", "type": "library", "name": "github.com/go-logr/logr", "version": "v1.4.1", @@ -4712,7 +4712,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4724,7 +4724,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4774,7 +4774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4799,7 +4799,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-logr/zapr@v1.2.4?package-id=b0d585a422cc394d", + "bom-ref": "pkg:golang/github.com/go-logr/zapr@v1.2.4?package-id=2b0962fa828d7a0f", "type": "library", "name": "github.com/go-logr/zapr", "version": "v1.2.4", @@ -4832,7 +4832,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4844,7 +4844,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4894,7 +4894,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -4919,7 +4919,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=609c3bd7df94070f", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=33da78f8f29a8961", "type": "library", "name": "github.com/go-openapi/jsonpointer", "version": "v0.19.6", @@ -4952,7 +4952,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -4964,7 +4964,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5014,7 +5014,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5039,7 +5039,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=ac8c4bd47963e498", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=0d38ab1030661897", "type": "library", "name": "github.com/go-openapi/jsonreference", "version": "v0.20.2", @@ -5072,7 +5072,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5084,7 +5084,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5134,7 +5134,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5159,7 +5159,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.4?package-id=e99a54aac51f69ab", + "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.4?package-id=7ed9f6623fd0ad4d", "type": "library", "name": "github.com/go-openapi/swag", "version": "v0.22.4", @@ -5192,7 +5192,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5204,7 +5204,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5246,7 +5246,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5296,7 +5296,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5346,7 +5346,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5371,7 +5371,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=4d383d18f89ff03d", + "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=6e5100a377c7acf1", "type": "library", "name": "github.com/gogo/protobuf", "version": "v1.3.2", @@ -5396,7 +5396,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5408,7 +5408,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5425,7 +5425,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=5d2ede722d397959", + "bom-ref": "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=a2ccf27610248563", "type": "library", "name": "github.com/golang/groupcache", "version": "v0.0.0-20210331224755-41bb18bfe9da", @@ -5450,7 +5450,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5462,7 +5462,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5504,7 +5504,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5529,7 +5529,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=cf05051e23606d8c", + "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=69ecfc4acedc76c6", "type": "library", "name": "github.com/golang/protobuf", "version": "v1.5.3", @@ -5554,7 +5554,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5566,7 +5566,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5608,7 +5608,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5633,7 +5633,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/cel-go@v0.16.1?package-id=2fa03cb3308fddb4", + "bom-ref": "pkg:golang/github.com/google/cel-go@v0.16.1?package-id=d1561e8979c1051e", "type": "library", "name": "github.com/google/cel-go", "version": "v0.16.1", @@ -5662,7 +5662,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5674,7 +5674,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5720,7 +5720,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5745,7 +5745,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=8e03fe005fc61bd3", + "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=fd78e9f4096341d9", "type": "library", "name": "github.com/google/gnostic-models", "version": "v0.6.8", @@ -5774,7 +5774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5786,7 +5786,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5832,7 +5832,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5857,7 +5857,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=0d249bd9f93ba664", + "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=f41eb38263614dbc", "type": "library", "name": "github.com/google/go-cmp", "version": "v0.6.0", @@ -5886,7 +5886,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -5898,7 +5898,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5940,7 +5940,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -5965,7 +5965,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=70fac8da5c69ad39", + "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=49363cdd0348c6e0", "type": "library", "name": "github.com/google/gofuzz", "version": "v1.2.0", @@ -5990,7 +5990,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6002,7 +6002,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6044,7 +6044,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6094,7 +6094,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6119,7 +6119,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/uuid@v1.4.0?package-id=2499158a9f49812e", + "bom-ref": "pkg:golang/github.com/google/uuid@v1.4.0?package-id=c02c6724944e0ec7", "type": "library", "name": "github.com/google/uuid", "version": "v1.4.0", @@ -6144,7 +6144,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6156,7 +6156,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6198,7 +6198,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6248,7 +6248,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6298,7 +6298,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6348,7 +6348,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6373,7 +6373,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/h2non/filetype@v1.1.3?package-id=34f952814fb1bb66", + "bom-ref": "pkg:golang/github.com/h2non/filetype@v1.1.3?package-id=bff0f0cdb7dcc96f", "type": "library", "name": "github.com/h2non/filetype", "version": "v1.1.3", @@ -6398,7 +6398,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6410,7 +6410,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6427,7 +6427,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/h2non/go-is-svg@v0.0.0-20160927212452-35e8c4b0612c?package-id=fd6207733b603c83", + "bom-ref": "pkg:golang/github.com/h2non/go-is-svg@v0.0.0-20160927212452-35e8c4b0612c?package-id=6b7e5b845a335321", "type": "library", "name": "github.com/h2non/go-is-svg", "version": "v0.0.0-20160927212452-35e8c4b0612c", @@ -6456,7 +6456,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6468,7 +6468,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6510,7 +6510,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6564,7 +6564,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6614,7 +6614,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6664,7 +6664,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6689,7 +6689,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=36a26c58adda0c46", + "bom-ref": "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=fd46d21e02aa299f", "type": "library", "name": "github.com/imdario/mergo", "version": "v0.3.13", @@ -6714,7 +6714,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6726,7 +6726,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6768,7 +6768,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6818,7 +6818,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6843,7 +6843,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=c8864bebeffa7686", + "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=ab64358b85d5d979", "type": "library", "name": "github.com/josharian/intern", "version": "v1.0.0", @@ -6868,7 +6868,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -6880,7 +6880,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -6930,7 +6930,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -6955,7 +6955,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=1152de83e54a07c1", + "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=0fbd359f9f67ea75", "type": "library", "name": "github.com/json-iterator/go", "version": "v1.1.12", @@ -6988,7 +6988,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -7000,7 +7000,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -7042,7 +7042,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7092,7 +7092,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7142,7 +7142,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7192,7 +7192,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7242,7 +7242,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7292,7 +7292,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7317,7 +7317,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=e0ef44845f26878d", + "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=af01d2cc31aa87ab", "type": "library", "name": "github.com/mailru/easyjson", "version": "v0.7.7", @@ -7342,7 +7342,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -7354,7 +7354,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -7400,7 +7400,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7454,7 +7454,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7508,7 +7508,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7562,7 +7562,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7587,7 +7587,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v2.0.0?package-id=e8ed749c42f00308#v2", + "bom-ref": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v2.0.0?package-id=a120ac1532d06579#v2", "type": "library", "name": "github.com/matttproud/golang_protobuf_extensions/v2", "version": "v2.0.0", @@ -7616,7 +7616,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -7628,7 +7628,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -7670,7 +7670,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7724,7 +7724,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7774,7 +7774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7824,7 +7824,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7874,7 +7874,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7924,7 +7924,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -7982,7 +7982,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8007,7 +8007,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=290a79e0ff39ee59", + "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=a8201f41f544f12b", "type": "library", "name": "github.com/modern-go/concurrent", "version": "v0.0.0-20180306012644-bacd9c7ef1dd", @@ -8040,7 +8040,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8052,7 +8052,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8102,7 +8102,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8127,7 +8127,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=56cc6806d67daefc", + "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=7cb400a10d36ed3b", "type": "library", "name": "github.com/modern-go/reflect2", "version": "v1.0.2", @@ -8160,7 +8160,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8172,7 +8172,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8218,7 +8218,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8268,7 +8268,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8318,7 +8318,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8343,7 +8343,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=b616da3658982b63", + "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=e54f0218a2c060fd", "type": "library", "name": "github.com/munnerz/goautoneg", "version": "v0.0.0-20191010083416-a7dc8b61c822", @@ -8368,7 +8368,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8380,7 +8380,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8426,7 +8426,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8451,7 +8451,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=9038d32a1cbe0120", + "bom-ref": "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=947882ae32065f95", "type": "library", "name": "github.com/mxk/go-flowrate", "version": "v0.0.0-20140419014527-cca7078d478f", @@ -8480,7 +8480,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8492,7 +8492,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8509,7 +8509,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/onsi/gomega@v1.30.0?package-id=c7dd5e8d7794a071", + "bom-ref": "pkg:golang/github.com/onsi/gomega@v1.30.0?package-id=d9fe55d01e8eef44", "type": "library", "name": "github.com/onsi/gomega", "version": "v1.30.0", @@ -8534,7 +8534,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8546,7 +8546,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8592,7 +8592,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8646,7 +8646,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -8671,12 +8671,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v36e6098?package-id=d6447a447fc6ab12", + "bom-ref": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v1.28.0?package-id=e01035932f70db61", "type": "library", "name": "github.com/operator-framework/ansible-operator-plugins", - "version": "v36e6098", - "cpe": "cpe:2.3:a:operator-framework:ansible-operator-plugins:v36e6098:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v36e6098", + "version": "v1.28.0", + "cpe": "cpe:2.3:a:operator-framework:ansible-operator-plugins:v1.28.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v1.28.0", "properties": [ { "name": "syft:package:foundBy", @@ -8696,27 +8696,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator-framework:ansible_operator_plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator-framework:ansible_operator_plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator_framework:ansible-operator-plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator_framework:ansible-operator-plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator_framework:ansible_operator_plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator_framework:ansible_operator_plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator:ansible-operator-plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator:ansible-operator-plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:operator:ansible_operator_plugins:v36e6098:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:operator:ansible_operator_plugins:v1.28.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8728,7 +8728,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8741,7 +8741,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/api@v0.21.0?package-id=e0fa1aad5ebb5a14", + "bom-ref": "pkg:golang/github.com/operator-framework/api@v0.21.0?package-id=db3fc61dfc3a2bb8", "type": "library", "name": "github.com/operator-framework/api", "version": "v0.21.0", @@ -8774,7 +8774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8786,7 +8786,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8803,7 +8803,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/operator-lib@v0.12.0?package-id=619923b86f0dfc81", + "bom-ref": "pkg:golang/github.com/operator-framework/operator-lib@v0.12.0?package-id=f6200769c3f4abe9", "type": "library", "name": "github.com/operator-framework/operator-lib", "version": "v0.12.0", @@ -8848,7 +8848,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8860,7 +8860,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8877,7 +8877,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/operator-framework/operator-registry@v1.35.0?package-id=40f35949cdde0b8b", + "bom-ref": "pkg:golang/github.com/operator-framework/operator-registry@v1.35.0?package-id=5c53e1a0fe2b646b", "type": "library", "name": "github.com/operator-framework/operator-registry", "version": "v1.35.0", @@ -8922,7 +8922,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -8934,7 +8934,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -8976,7 +8976,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9026,7 +9026,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9051,7 +9051,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=dff20a7a96e331d2", + "bom-ref": "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=2ebcefc04ca5e94c", "type": "library", "name": "github.com/pkg/errors", "version": "v0.9.1", @@ -9076,7 +9076,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9088,7 +9088,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9134,7 +9134,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9159,7 +9159,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/client_golang@v1.18.0?package-id=f5fdad80f78ffcf5", + "bom-ref": "pkg:golang/github.com/prometheus/client_golang@v1.18.0?package-id=f692fbad4e3943be", "type": "library", "name": "github.com/prometheus/client_golang", "version": "v1.18.0", @@ -9188,7 +9188,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9200,7 +9200,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9246,7 +9246,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9271,7 +9271,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/client_model@v0.5.0?package-id=bdae07e2d3757913", + "bom-ref": "pkg:golang/github.com/prometheus/client_model@v0.5.0?package-id=a698f6e90bbe0e0b", "type": "library", "name": "github.com/prometheus/client_model", "version": "v0.5.0", @@ -9300,7 +9300,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9312,7 +9312,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9354,7 +9354,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9379,7 +9379,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/common@v0.45.0?package-id=3ae5111954c7c00c", + "bom-ref": "pkg:golang/github.com/prometheus/common@v0.45.0?package-id=cf851583dc268cda", "type": "library", "name": "github.com/prometheus/common", "version": "v0.45.0", @@ -9404,7 +9404,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9416,7 +9416,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9458,7 +9458,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9483,7 +9483,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/procfs@v0.12.0?package-id=6ecf7bf790f656f6", + "bom-ref": "pkg:golang/github.com/prometheus/procfs@v0.12.0?package-id=188c22ff8b41f625", "type": "library", "name": "github.com/prometheus/procfs", "version": "v0.12.0", @@ -9508,7 +9508,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9520,7 +9520,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9566,7 +9566,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9616,7 +9616,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9666,7 +9666,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9716,7 +9716,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9741,7 +9741,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=848df6cac3cf573e", + "bom-ref": "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=4cef29b92f702e95", "type": "library", "name": "github.com/sirupsen/logrus", "version": "v1.9.3", @@ -9766,7 +9766,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9778,7 +9778,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9795,7 +9795,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/afero@v1.11.0?package-id=8687ba678a5fbd05", + "bom-ref": "pkg:golang/github.com/spf13/afero@v1.11.0?package-id=65b23bc581dbd244", "type": "library", "name": "github.com/spf13/afero", "version": "v1.11.0", @@ -9820,7 +9820,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9832,7 +9832,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -9874,7 +9874,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9924,7 +9924,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -9949,7 +9949,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=8a625d8842e50033", + "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=71d3029a2532f3ad", "type": "library", "name": "github.com/spf13/cobra", "version": "v1.8.0", @@ -9974,7 +9974,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -9986,7 +9986,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10028,7 +10028,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10053,7 +10053,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=c294be09c9b723ed", + "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=d40b873071e286ca", "type": "library", "name": "github.com/spf13/pflag", "version": "v1.0.5", @@ -10078,7 +10078,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10090,7 +10090,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10107,7 +10107,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=8e254d661ef10cf4", + "bom-ref": "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=88dbe3f68bbd14a9", "type": "library", "name": "github.com/stoewer/go-strcase", "version": "v1.2.0", @@ -10136,7 +10136,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10148,7 +10148,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10190,7 +10190,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10240,7 +10240,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10290,7 +10290,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10340,7 +10340,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10390,7 +10390,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10439,7 +10439,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10489,7 +10489,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10539,7 +10539,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10588,7 +10588,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10613,7 +10613,7 @@ ] }, { - "bom-ref": "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=a112e969d72e2d43", + "bom-ref": "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=bd8ec1cd27c96ab9", "type": "library", "name": "go.uber.org/multierr", "version": "v1.11.0", @@ -10637,7 +10637,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10649,7 +10649,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10666,7 +10666,7 @@ ] }, { - "bom-ref": "pkg:golang/go.uber.org/zap@v1.25.0?package-id=129dc2fa6b889950", + "bom-ref": "pkg:golang/go.uber.org/zap@v1.25.0?package-id=36969786a32c9e4f", "type": "library", "name": "go.uber.org/zap", "version": "v1.25.0", @@ -10690,7 +10690,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10702,7 +10702,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10744,7 +10744,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10769,7 +10769,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/exp@v0.0.0-20230905200255-921286631fa9?package-id=428abd633185f93d", + "bom-ref": "pkg:golang/golang.org/x/exp@v0.0.0-20230905200255-921286631fa9?package-id=03dfa2214a487beb", "type": "library", "name": "golang.org/x/exp", "version": "v0.0.0-20230905200255-921286631fa9", @@ -10794,7 +10794,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10806,7 +10806,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10848,7 +10848,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10873,7 +10873,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=a2fce92e144fbc71", + "bom-ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=74d027b531e7de02", "type": "library", "name": "golang.org/x/net", "version": "v0.20.0", @@ -10898,7 +10898,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -10910,7 +10910,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -10952,7 +10952,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -10977,7 +10977,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.15.0?package-id=df31ed0bc624bd1a", + "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.15.0?package-id=82a4ff55d678377c", "type": "library", "name": "golang.org/x/oauth2", "version": "v0.15.0", @@ -11002,7 +11002,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11014,7 +11014,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11056,7 +11056,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11106,7 +11106,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11131,7 +11131,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.16.0?package-id=abf110d482c08ab1", + "bom-ref": "pkg:golang/golang.org/x/sys@v0.16.0?package-id=0fe0bb7bacfe9242", "type": "library", "name": "golang.org/x/sys", "version": "v0.16.0", @@ -11156,7 +11156,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11168,7 +11168,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11210,7 +11210,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11235,7 +11235,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/term@v0.16.0?package-id=06a8a9352b118d7d", + "bom-ref": "pkg:golang/golang.org/x/term@v0.16.0?package-id=e496c1429eed599b", "type": "library", "name": "golang.org/x/term", "version": "v0.16.0", @@ -11260,7 +11260,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11272,7 +11272,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11314,7 +11314,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11339,7 +11339,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/text@v0.14.0?package-id=dd17ef7c453ce0ae", + "bom-ref": "pkg:golang/golang.org/x/text@v0.14.0?package-id=53bda3d094859e5c", "type": "library", "name": "golang.org/x/text", "version": "v0.14.0", @@ -11364,7 +11364,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11376,7 +11376,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11418,7 +11418,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11443,7 +11443,7 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/time@v0.5.0?package-id=229009ed90fbe567", + "bom-ref": "pkg:golang/golang.org/x/time@v0.5.0?package-id=ba99272182c980c0", "type": "library", "name": "golang.org/x/time", "version": "v0.5.0", @@ -11468,7 +11468,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11480,7 +11480,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11497,7 +11497,7 @@ ] }, { - "bom-ref": "pkg:golang/gomodules.xyz/jsonpatch/v2@v2.4.0?package-id=fff958001fd8a251", + "bom-ref": "pkg:golang/gomodules.xyz/jsonpatch/v2@v2.4.0?package-id=34d2ebc84180de24", "type": "library", "name": "gomodules.xyz/jsonpatch/v2", "version": "v2.4.0", @@ -11522,7 +11522,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11534,7 +11534,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11820,7 +11820,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -11828,7 +11828,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -11836,7 +11836,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -11845,7 +11845,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231120223509-83a465c0220f?package-id=a335ace129e34d48#api", + "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231120223509-83a465c0220f?package-id=f009b2455f0173b2#api", "type": "library", "name": "google.golang.org/genproto/googleapis/api", "version": "v0.0.0-20231120223509-83a465c0220f", @@ -11870,7 +11870,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11882,7 +11882,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -11924,7 +11924,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -11949,7 +11949,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231212172506-995d672761c0?package-id=0eae36fe841ffe94#rpc", + "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231212172506-995d672761c0?package-id=913c49b8106e7d52#rpc", "type": "library", "name": "google.golang.org/genproto/googleapis/rpc", "version": "v0.0.0-20231212172506-995d672761c0", @@ -11974,7 +11974,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -11986,7 +11986,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12028,7 +12028,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12053,7 +12053,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/grpc@v1.60.1?package-id=0c532ea732d0033e", + "bom-ref": "pkg:golang/google.golang.org/grpc@v1.60.1?package-id=636101af290a4894", "type": "library", "name": "google.golang.org/grpc", "version": "v1.60.1", @@ -12078,7 +12078,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12090,7 +12090,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12132,7 +12132,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12157,7 +12157,7 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=2d01130f548ca187", + "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=cf0a618c2651fffc", "type": "library", "name": "google.golang.org/protobuf", "version": "v1.31.0", @@ -12182,7 +12182,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12194,7 +12194,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12235,7 +12235,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12260,7 +12260,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=0c06c4f84aa87b85", + "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=d9c92d6fad067487", "type": "library", "name": "gopkg.in/inf.v0", "version": "v0.9.1", @@ -12284,7 +12284,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12296,7 +12296,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12337,7 +12337,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12362,7 +12362,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=d41e9d6a877e2cd5", + "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=a3142707399850ad", "type": "library", "name": "gopkg.in/yaml.v2", "version": "v2.4.0", @@ -12386,7 +12386,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12398,7 +12398,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12440,7 +12440,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12465,7 +12465,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=b66410266ae5e6c4", + "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=1de0a56d885271d5", "type": "library", "name": "gopkg.in/yaml.v3", "version": "v3.0.1", @@ -12490,7 +12490,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12502,7 +12502,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12519,7 +12519,7 @@ ] }, { - "bom-ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=eaaf7e7c6c586545", + "bom-ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=a06b39d8afcd16cd", "type": "application", "name": "helm", "version": "3.14.0", @@ -12548,7 +12548,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12582,7 +12582,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -12721,7 +12721,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -12729,7 +12729,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -12887,7 +12887,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -12895,7 +12895,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -12903,7 +12903,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -12912,7 +12912,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/api@v0.28.5?package-id=40964a786adca107", + "bom-ref": "pkg:golang/k8s.io/api@v0.28.5?package-id=87dd2328d052f922", "type": "library", "name": "k8s.io/api", "version": "v0.28.5", @@ -12936,7 +12936,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -12948,7 +12948,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -12989,7 +12989,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13014,7 +13014,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.5?package-id=ba7a6de1eba3fa07", + "bom-ref": "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.5?package-id=b4be89cc25d97ba9", "type": "library", "name": "k8s.io/apiextensions-apiserver", "version": "v0.28.5", @@ -13038,7 +13038,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13050,7 +13050,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13091,7 +13091,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13116,7 +13116,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.5?package-id=476103c47754030d", + "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.28.5?package-id=bd6cfc7881749818", "type": "library", "name": "k8s.io/apimachinery", "version": "v0.28.5", @@ -13140,7 +13140,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13152,7 +13152,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13193,7 +13193,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13242,7 +13242,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13291,7 +13291,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13316,7 +13316,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.5?package-id=d39be5e7128b9071", + "bom-ref": "pkg:golang/k8s.io/client-go@v0.28.5?package-id=dfa4d6f7438c613f", "type": "library", "name": "k8s.io/client-go", "version": "v0.28.5", @@ -13340,7 +13340,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13352,7 +13352,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13393,7 +13393,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13418,7 +13418,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/component-base@v0.28.5?package-id=32e9bd9673d3c1cf", + "bom-ref": "pkg:golang/k8s.io/component-base@v0.28.5?package-id=8a613a6b291f1f67", "type": "library", "name": "k8s.io/component-base", "version": "v0.28.5", @@ -13442,7 +13442,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13454,7 +13454,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13495,7 +13495,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13520,7 +13520,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=e97df069e7548380", + "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=0a6ce9aa23b27782", "type": "library", "name": "k8s.io/klog/v2", "version": "v2.100.1", @@ -13545,7 +13545,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13557,7 +13557,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13599,7 +13599,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13624,7 +13624,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=5c49464188691119", + "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=c94717a5d006a06a", "type": "library", "name": "k8s.io/kube-openapi", "version": "v0.0.0-20230717233707-2695361300d9", @@ -13648,7 +13648,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13660,7 +13660,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13701,7 +13701,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13726,7 +13726,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/kubectl@v0.28.5?package-id=910eb7eeb49047a7", + "bom-ref": "pkg:golang/k8s.io/kubectl@v0.28.5?package-id=fa02371897088365", "type": "library", "name": "k8s.io/kubectl", "version": "v0.28.5", @@ -13750,7 +13750,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13762,7 +13762,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -13803,7 +13803,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13852,7 +13852,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -13877,7 +13877,7 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20240102154912-e7106e64919e?package-id=05ef0c0892b8d52a", + "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20240102154912-e7106e64919e?package-id=01b2944de401e4a9", "type": "library", "name": "k8s.io/utils", "version": "v0.0.0-20240102154912-e7106e64919e", @@ -13901,7 +13901,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -13913,7 +13913,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -14007,7 +14007,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -14015,7 +14015,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -14023,7 +14023,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -15454,11 +15454,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "bom-ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "type": "library", "publisher": "Matthias Klose ", "name": "libpython3.11-minimal", - "version": "3.11.2-6", + "version": "3.11.2-6+deb12u2", "licenses": [ { "license": { @@ -15486,8 +15486,8 @@ } } ], - "cpe": "cpe:2.3:a:libpython3.11-minimal:libpython3.11-minimal:3.11.2-6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12", + "cpe": "cpe:2.3:a:libpython3.11-minimal:libpython3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -15503,27 +15503,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11-minimal:libpython3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11-minimal:libpython3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_minimal:libpython3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:0:path", @@ -15531,7 +15531,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:1:path", @@ -15539,7 +15539,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:2:path", @@ -15547,7 +15547,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "5198" + "value": "5202" }, { "name": "syft:metadata:source", @@ -15556,11 +15556,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0", + "bom-ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd", "type": "library", "publisher": "Matthias Klose ", "name": "libpython3.11-stdlib", - "version": "3.11.2-6", + "version": "3.11.2-6+deb12u2", "licenses": [ { "license": { @@ -15588,8 +15588,8 @@ } } ], - "cpe": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11-stdlib:3.11.2-6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12", + "cpe": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11-stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -15605,27 +15605,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11_stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11-stdlib:libpython3.11_stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11-stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11-stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11_stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11_stdlib:libpython3.11_stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11-stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11-stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libpython3.11:libpython3.11_stdlib:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libpython3.11:libpython3.11_stdlib:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:32632c26d0ad02b5e066924f64ef6d1bc73cfa80eaaa1897006bd2e0622a0148" + "value": "sha256:6d38222b0f5ca20b86de61e8815c3e8dccfa718afb8037487b944f88e99cb110" }, { "name": "syft:location:0:path", @@ -15633,7 +15633,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:01828f5cdcac8d69f6b1fbee9ead8b423ecc5fe647e02e495b256658b87aba06" + "value": "sha256:3a7a04eddce82cd9a76b3133506ac22048df4ebcd1af2c1a2cc12019bdcac5f3" }, { "name": "syft:location:1:path", @@ -15641,7 +15641,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:01828f5cdcac8d69f6b1fbee9ead8b423ecc5fe647e02e495b256658b87aba06" + "value": "sha256:3a7a04eddce82cd9a76b3133506ac22048df4ebcd1af2c1a2cc12019bdcac5f3" }, { "name": "syft:location:2:path", @@ -15842,11 +15842,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e", + "bom-ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19", "type": "library", "publisher": "Debian OpenSSL Team ", "name": "libssl3", - "version": "3.0.11-1~deb12u2", + "version": "3.0.13-1~deb12u1", "licenses": [ { "license": { @@ -15869,8 +15869,8 @@ } } ], - "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.11-1\\~deb12u2:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12", + "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.13-1\\~deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -15886,7 +15886,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a75711e7567067aecf1add65ab3be44781082fb938793b73960233a4d435842d" + "value": "sha256:9c72aa2ec06c9f3c851381644e4ba739f6cc7bf201fdb8f064d8c3f64426e1dc" }, { "name": "syft:location:0:path", @@ -15894,7 +15894,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a75711e7567067aecf1add65ab3be44781082fb938793b73960233a4d435842d" + "value": "sha256:9c72aa2ec06c9f3c851381644e4ba739f6cc7bf201fdb8f064d8c3f64426e1dc" }, { "name": "syft:location:1:path", @@ -15902,7 +15902,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a75711e7567067aecf1add65ab3be44781082fb938793b73960233a4d435842d" + "value": "sha256:9c72aa2ec06c9f3c851381644e4ba739f6cc7bf201fdb8f064d8c3f64426e1dc" }, { "name": "syft:location:2:path", @@ -15910,7 +15910,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "6010" + "value": "6008" }, { "name": "syft:metadata:source", @@ -16408,7 +16408,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -16416,7 +16416,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -16424,7 +16424,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -16582,7 +16582,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -16590,7 +16590,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -16598,7 +16598,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -16814,7 +16814,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -16822,7 +16822,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -16830,7 +16830,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -16863,7 +16863,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -17006,7 +17006,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17014,7 +17014,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17172,7 +17172,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17180,7 +17180,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17188,7 +17188,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17346,7 +17346,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17354,7 +17354,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17362,7 +17362,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17508,7 +17508,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17516,7 +17516,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17524,7 +17524,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17786,7 +17786,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17794,7 +17794,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -17802,7 +17802,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -17960,7 +17960,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -17968,7 +17968,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18126,7 +18126,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18134,7 +18134,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18142,7 +18142,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18404,7 +18404,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18412,7 +18412,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18420,7 +18420,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18578,7 +18578,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18586,7 +18586,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18594,7 +18594,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18603,7 +18603,7 @@ ] }, { - "bom-ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4", + "bom-ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9", "type": "application", "name": "python", "version": "3.11.9", @@ -18632,7 +18632,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:f9967588551a40dc35448d9ce5f767287357e3c099527a7939e81d3dcd1e9488" + "value": "sha256:911300468fe0ce49f852ba8739e9f88f9e76d673df169b32760e79d86e9eb2a8" }, { "name": "syft:location:0:path", @@ -18640,7 +18640,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18750,7 +18750,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18758,7 +18758,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18766,7 +18766,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18876,7 +18876,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -18884,7 +18884,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -18892,7 +18892,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -18976,11 +18976,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77", + "bom-ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22", "type": "library", "publisher": "Matthias Klose ", "name": "python3.11-minimal", - "version": "3.11.2-6", + "version": "3.11.2-6+deb12u2", "licenses": [ { "license": { @@ -19008,8 +19008,8 @@ } } ], - "cpe": "cpe:2.3:a:python3.11-minimal:python3.11-minimal:3.11.2-6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12", + "cpe": "cpe:2.3:a:python3.11-minimal:python3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -19025,27 +19025,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11-minimal:python3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11-minimal:python3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11_minimal:python3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11_minimal:python3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11_minimal:python3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11_minimal:python3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11:python3.11-minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11:python3.11-minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:python3.11:python3.11_minimal:3.11.2-6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:python3.11:python3.11_minimal:3.11.2-6\\+deb12u2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d4578ab4587c9e7d34da67daa87d79c18baaf575c80b8fee1bea27e8f8b4363" + "value": "sha256:e6d19d186cb7a4231ba6b174b9d91bedd92961a45f04e2de8f482176a51ca67a" }, { "name": "syft:location:0:path", @@ -19053,7 +19053,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:8d4578ab4587c9e7d34da67daa87d79c18baaf575c80b8fee1bea27e8f8b4363" + "value": "sha256:e6d19d186cb7a4231ba6b174b9d91bedd92961a45f04e2de8f482176a51ca67a" }, { "name": "syft:location:1:path", @@ -19061,7 +19061,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:8d4578ab4587c9e7d34da67daa87d79c18baaf575c80b8fee1bea27e8f8b4363" + "value": "sha256:e6d19d186cb7a4231ba6b174b9d91bedd92961a45f04e2de8f482176a51ca67a" }, { "name": "syft:location:2:path", @@ -19069,7 +19069,7 @@ }, { "name": "syft:metadata:installedSize", - "value": "6761" + "value": "6770" }, { "name": "syft:metadata:source", @@ -19111,7 +19111,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19119,7 +19119,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19127,7 +19127,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19389,7 +19389,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19397,7 +19397,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19405,7 +19405,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19667,7 +19667,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19675,7 +19675,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19683,7 +19683,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19841,7 +19841,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19849,7 +19849,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19857,7 +19857,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19899,7 +19899,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19907,7 +19907,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19949,7 +19949,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -19957,7 +19957,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -19965,7 +19965,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -19974,7 +19974,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/controller-runtime@v0.16.3?package-id=c86d1c4e92a61887", + "bom-ref": "pkg:golang/sigs.k8s.io/controller-runtime@v0.16.3?package-id=8d144317f46308db", "type": "library", "name": "sigs.k8s.io/controller-runtime", "version": "v0.16.3", @@ -19998,7 +19998,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20010,7 +20010,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20051,7 +20051,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20076,7 +20076,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=2b0330d6821d0405", + "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=b8631f613866a59f", "type": "library", "name": "sigs.k8s.io/json", "version": "v0.0.0-20221116044647-bc3834ca7abd", @@ -20100,7 +20100,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20112,7 +20112,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20154,7 +20154,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20204,7 +20204,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20229,7 +20229,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=756e75b465f3e6e8", + "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=522086b451fcdfd4", "type": "library", "name": "sigs.k8s.io/structured-merge-diff/v4", "version": "v4.2.3", @@ -20270,7 +20270,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20282,7 +20282,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20340,7 +20340,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20389,7 +20389,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20414,7 +20414,7 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.4.0?package-id=3d1e144e2dde499b", + "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.4.0?package-id=51661fa0a6f0757b", "type": "library", "name": "sigs.k8s.io/yaml", "version": "v1.4.0", @@ -20438,7 +20438,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20450,7 +20450,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -20616,7 +20616,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -20624,7 +20624,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -20632,7 +20632,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -20669,7 +20669,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:c5ed3fc2049b72664c21470b1ee04ff8706c7a0fde4c88411afa9e1a7e07dac4" + "value": "sha256:c6c958195c301d43c64cf1310b6cbb7f5a9b6d48e00da1ba96125e98ea6d45d6" }, { "name": "syft:location:0:path", @@ -20682,10 +20682,10 @@ ] }, { - "bom-ref": "pkg:golang/stdlib@1.22.4?package-id=8b929afd8e3fcec9", + "bom-ref": "pkg:golang/stdlib@1.22.5?package-id=c2da1ec8a4f923ee", "type": "library", "name": "stdlib", - "version": "go1.22.4", + "version": "go1.22.5", "licenses": [ { "license": { @@ -20693,8 +20693,8 @@ } } ], - "cpe": "cpe:2.3:a:golang:go:1.22.4:-:*:*:*:*:*:*", - "purl": "pkg:golang/stdlib@1.22.4", + "cpe": "cpe:2.3:a:golang:go:1.22.5:-:*:*:*:*:*:*", + "purl": "pkg:golang/stdlib@1.22.5", "properties": [ { "name": "syft:package:language", @@ -20710,7 +20710,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:43d24e5e88e1085c7e0e26e492cdde94080d6d713f0b3e119f957b31585dca16" + "value": "sha256:8952894915ea080ce8946edbf58a74722341b06899890c172a274c4efa8ba38f" }, { "name": "syft:location:0:path", @@ -20718,7 +20718,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.22.4" + "value": "go1.22.5" } ] }, @@ -20814,7 +20814,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -20822,7 +20822,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -20830,7 +20830,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -21108,7 +21108,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -21116,7 +21116,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -21124,7 +21124,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:2:path", @@ -21251,7 +21251,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:0:path", @@ -21259,7 +21259,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:a20661f90127cb31229f10e698b51716abba4f0129fca610933750814a9552b9" + "value": "sha256:915875b88cee0c746d7895e69871af3974711f7b636cc32b94206fb3dcc2c5c2" }, { "name": "syft:location:1:path", @@ -21457,7 +21457,7 @@ "pkg:deb/debian/libk5crypto3@1.20.1-2%2Bdeb12u1?arch=amd64&upstream=krb5&distro=debian-12&package-id=1169ac8a3402720b", "pkg:deb/debian/libkeyutils1@1.6.3-2?arch=amd64&upstream=keyutils&distro=debian-12&package-id=e182c5a1d7f7d1ea", "pkg:deb/debian/libkrb5support0@1.20.1-2%2Bdeb12u1?arch=amd64&upstream=krb5&distro=debian-12&package-id=3d8e7e7b414fbb89", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" ] }, { @@ -21487,14 +21487,14 @@ ] }, { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5", - "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" ] }, { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0", + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd", "dependsOn": [ "pkg:deb/debian/libbz2-1.0@1.0.8-5%2Bb1?arch=amd64&upstream=bzip2%401.0.8-5&distro=debian-12&package-id=636e31bcf3b8f8ea", "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5", @@ -21504,7 +21504,7 @@ "pkg:deb/debian/liblzma5@5.4.1-0.2?arch=amd64&upstream=xz-utils&distro=debian-12&package-id=e589b1402ec4de9c", "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616", "pkg:deb/debian/libnsl2@1.3.0-2?arch=amd64&upstream=libnsl&distro=debian-12&package-id=6febad3629e7b7fc", - "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "pkg:deb/debian/libreadline8@8.2-1.3?arch=amd64&upstream=readline&distro=debian-12&package-id=cf1e156bd7515d7e", "pkg:deb/debian/libsqlite3-0@3.40.1-2?arch=amd64&upstream=sqlite3&distro=debian-12&package-id=ba7901014862fb39", "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94", @@ -21526,7 +21526,7 @@ ] }, { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e", + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5" ] @@ -21558,11 +21558,11 @@ ] }, { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77", + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5", "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836", - "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3", + "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651", "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=aad1c23de303b3c3" ] }, @@ -21573,11 +21573,233 @@ ] }, { - "ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4", + "ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9", "dependsOn": [ "pkg:deb/debian/libc6@2.36-9%2Bdeb12u7?arch=amd64&upstream=glibc&distro=debian-12&package-id=0af09cd7d011faf5" ] }, + { + "ref": "pkg:golang/github.com/operator-framework/ansible-operator-plugins@v1.28.0?package-id=e01035932f70db61", + "dependsOn": [ + "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=9820ee9f552e7470#runtime/Go/antlr/v4", + "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=d852910acaf00c85", + "pkg:golang/github.com/blang/semver@v4.0.0?package-id=f24029dabee86752#v4", + "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=5b1ea50cec38dae0#v2", + "pkg:golang/github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796af33cc?package-id=021e8a8075bc6c38", + "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=1f69a39e1f7265fd#v3", + "pkg:golang/github.com/evanphx/json-patch@v5.6.0?package-id=62d8e6aa96ad4427#v5", + "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=cea6ffc8e85be392", + "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=f48abfd7204df8a0", + "pkg:golang/github.com/go-logr/zapr@v1.2.4?package-id=2b0962fa828d7a0f", + "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=33da78f8f29a8961", + "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=0d38ab1030661897", + "pkg:golang/github.com/go-openapi/swag@v0.22.4?package-id=7ed9f6623fd0ad4d", + "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=6e5100a377c7acf1", + "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=a2ccf27610248563", + "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=69ecfc4acedc76c6", + "pkg:golang/github.com/google/cel-go@v0.16.1?package-id=d1561e8979c1051e", + "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=fd78e9f4096341d9", + "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=f41eb38263614dbc", + "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=49363cdd0348c6e0", + "pkg:golang/github.com/google/uuid@v1.4.0?package-id=c02c6724944e0ec7", + "pkg:golang/github.com/h2non/filetype@v1.1.3?package-id=bff0f0cdb7dcc96f", + "pkg:golang/github.com/h2non/go-is-svg@v0.0.0-20160927212452-35e8c4b0612c?package-id=6b7e5b845a335321", + "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=fd46d21e02aa299f", + "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=ab64358b85d5d979", + "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=0fbd359f9f67ea75", + "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=af01d2cc31aa87ab", + "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v2.0.0?package-id=a120ac1532d06579#v2", + "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=a8201f41f544f12b", + "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=7cb400a10d36ed3b", + "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=e54f0218a2c060fd", + "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=947882ae32065f95", + "pkg:golang/github.com/onsi/gomega@v1.30.0?package-id=d9fe55d01e8eef44", + "pkg:golang/github.com/operator-framework/api@v0.21.0?package-id=db3fc61dfc3a2bb8", + "pkg:golang/github.com/operator-framework/operator-lib@v0.12.0?package-id=f6200769c3f4abe9", + "pkg:golang/github.com/operator-framework/operator-registry@v1.35.0?package-id=5c53e1a0fe2b646b", + "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=2ebcefc04ca5e94c", + "pkg:golang/github.com/prometheus/client_golang@v1.18.0?package-id=f692fbad4e3943be", + "pkg:golang/github.com/prometheus/client_model@v0.5.0?package-id=a698f6e90bbe0e0b", + "pkg:golang/github.com/prometheus/common@v0.45.0?package-id=cf851583dc268cda", + "pkg:golang/github.com/prometheus/procfs@v0.12.0?package-id=188c22ff8b41f625", + "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=4cef29b92f702e95", + "pkg:golang/github.com/spf13/afero@v1.11.0?package-id=65b23bc581dbd244", + "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=71d3029a2532f3ad", + "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=d40b873071e286ca", + "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=88dbe3f68bbd14a9", + "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=bd8ec1cd27c96ab9", + "pkg:golang/go.uber.org/zap@v1.25.0?package-id=36969786a32c9e4f", + "pkg:golang/golang.org/x/exp@v0.0.0-20230905200255-921286631fa9?package-id=03dfa2214a487beb", + "pkg:golang/golang.org/x/net@v0.20.0?package-id=74d027b531e7de02", + "pkg:golang/golang.org/x/oauth2@v0.15.0?package-id=82a4ff55d678377c", + "pkg:golang/golang.org/x/sys@v0.16.0?package-id=0fe0bb7bacfe9242", + "pkg:golang/golang.org/x/term@v0.16.0?package-id=e496c1429eed599b", + "pkg:golang/golang.org/x/text@v0.14.0?package-id=53bda3d094859e5c", + "pkg:golang/golang.org/x/time@v0.5.0?package-id=ba99272182c980c0", + "pkg:golang/gomodules.xyz/jsonpatch/v2@v2.4.0?package-id=34d2ebc84180de24", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231120223509-83a465c0220f?package-id=f009b2455f0173b2#api", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20231212172506-995d672761c0?package-id=913c49b8106e7d52#rpc", + "pkg:golang/google.golang.org/grpc@v1.60.1?package-id=636101af290a4894", + "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=cf0a618c2651fffc", + "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=d9c92d6fad067487", + "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=a3142707399850ad", + "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=1de0a56d885271d5", + "pkg:golang/k8s.io/api@v0.28.5?package-id=87dd2328d052f922", + "pkg:golang/k8s.io/apiextensions-apiserver@v0.28.5?package-id=b4be89cc25d97ba9", + "pkg:golang/k8s.io/apimachinery@v0.28.5?package-id=bd6cfc7881749818", + "pkg:golang/k8s.io/client-go@v0.28.5?package-id=dfa4d6f7438c613f", + "pkg:golang/k8s.io/component-base@v0.28.5?package-id=8a613a6b291f1f67", + "pkg:golang/k8s.io/klog/v2@v2.100.1?package-id=0a6ce9aa23b27782", + "pkg:golang/k8s.io/kube-openapi@v0.0.0-20230717233707-2695361300d9?package-id=c94717a5d006a06a", + "pkg:golang/k8s.io/kubectl@v0.28.5?package-id=fa02371897088365", + "pkg:golang/k8s.io/utils@v0.0.0-20240102154912-e7106e64919e?package-id=01b2944de401e4a9", + "pkg:golang/sigs.k8s.io/controller-runtime@v0.16.3?package-id=8d144317f46308db", + "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=b8631f613866a59f", + "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=522086b451fcdfd4", + "pkg:golang/sigs.k8s.io/yaml@v1.4.0?package-id=51661fa0a6f0757b", + "pkg:golang/stdlib@1.22.5?package-id=c2da1ec8a4f923ee" + ] + }, + { + "ref": "pkg:golang/helm.sh/helm/v3@v3.14.0?package-id=2dee359273df7082", + "dependsOn": [ + "pkg:golang/github.com/asaskevich/govalidator@v0.0.0-20200428143746-21a406dcc535?package-id=bbd05a6d12edc694", + "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=6a2450977ec9b2e1", + "pkg:golang/github.com/burntsushi/toml@v1.3.2?package-id=61a9543496dff4c5", + "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=62b404bb03e00cf7#v2", + "pkg:golang/github.com/chai2010/gettext-go@v1.0.2?package-id=578e636d9886898d", + "pkg:golang/github.com/containerd/containerd@v1.7.11?package-id=72a1f1d979518e0f", + "pkg:golang/github.com/containerd/log@v0.1.0?package-id=7dd2d478f96f7b2e", + "pkg:golang/github.com/cpuguy83/go-md2man@v2.0.3?package-id=31fe895b988d9d40#v2", + "pkg:golang/github.com/cyphar/filepath-securejoin@v0.2.4?package-id=db407c80695fb065", + "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=28b9714af62929d1", + "pkg:golang/github.com/docker/cli@v24.0.6%2Bincompatible?package-id=a964a9b12f86e531", + "pkg:golang/github.com/docker/distribution@v2.8.2%2Bincompatible?package-id=0f47dfcfdee6b57f", + "pkg:golang/github.com/docker/docker-credential-helpers@v0.7.0?package-id=4e2775699746d324", + "pkg:golang/github.com/docker/docker@v24.0.7%2Bincompatible?package-id=46652e548371f5c8", + "pkg:golang/github.com/docker/go-connections@v0.4.0?package-id=3a157a08315231cb", + "pkg:golang/github.com/docker/go-metrics@v0.0.1?package-id=9b168f6c6d51927e", + "pkg:golang/github.com/docker/go-units@v0.5.0?package-id=54846f6c358cf36e", + "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=498ee432ba285f95#v3", + "pkg:golang/github.com/evanphx/json-patch@v5.7.0%2Bincompatible?package-id=78745179531861bd", + "pkg:golang/github.com/exponent-io/jsonpath@v0.0.0-20151013193312-d6023ce2651d?package-id=2f90548739f0b3dd", + "pkg:golang/github.com/fatih/color@v1.13.0?package-id=3e1e425f599bb6a8", + "pkg:golang/github.com/felixge/httpsnoop@v1.0.3?package-id=e7e4f4c7ca2afd69", + "pkg:golang/github.com/fvbommel/sortorder@v1.1.0?package-id=47b15b2d4238a9da", + "pkg:golang/github.com/go-errors/errors@v1.4.2?package-id=8a2ea8106446a263", + "pkg:golang/github.com/go-gorp/gorp@v3.1.0?package-id=4ed80ff0154f9489#v3", + "pkg:golang/github.com/go-logr/logr@v1.3.0?package-id=a4096870991705d4", + "pkg:golang/github.com/go-logr/stdr@v1.2.2?package-id=f72b2ecab588b07a", + "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=c7863472162657e1", + "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=a24c0f985a3381ea", + "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=122da8577047d0f6", + "pkg:golang/github.com/gobwas/glob@v0.2.3?package-id=ed5018a71b9b6437", + "pkg:golang/github.com/gofrs/flock@v0.8.1?package-id=47c7c5ed3dac86bf", + "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=e52608854c041c0b", + "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=09a450dbbb09e3c9", + "pkg:golang/github.com/google/btree@v1.0.1?package-id=3ba70ceebc4f1b97", + "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=8eeb447a17302e64", + "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=edc7f7fa2a2ba2fc", + "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=1b31774a5822e2b7", + "pkg:golang/github.com/google/shlex@v0.0.0-20191202100458-e7afc7fbc510?package-id=364d231601a0133c", + "pkg:golang/github.com/google/uuid@v1.3.0?package-id=f5850c1d83a17984", + "pkg:golang/github.com/gorilla/mux@v1.8.0?package-id=ecd34b222c45f7e9", + "pkg:golang/github.com/gorilla/websocket@v1.5.0?package-id=c657d39533f4817c", + "pkg:golang/github.com/gosuri/uitable@v0.0.4?package-id=c0f539d32fc01aec", + "pkg:golang/github.com/gregjones/httpcache@v0.0.0-20180305231024-9cad4c3443a7?package-id=5734634e2e609119", + "pkg:golang/github.com/hashicorp/errwrap@v1.1.0?package-id=86e48c9321ced449", + "pkg:golang/github.com/hashicorp/go-multierror@v1.1.1?package-id=0281aa224ed6dd6c", + "pkg:golang/github.com/huandu/xstrings@v1.4.0?package-id=4459d011d7b4ec3e", + "pkg:golang/github.com/imdario/mergo@v0.3.13?package-id=cbc763fdb4ab2d59", + "pkg:golang/github.com/jmoiron/sqlx@v1.3.5?package-id=8d631eaa105ad2b3", + "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=4e3c09058b3ba98a", + "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=af202461e8725fb9", + "pkg:golang/github.com/klauspost/compress@v1.16.0?package-id=b9e50a2ace6ead26", + "pkg:golang/github.com/lann/builder@v0.0.0-20180802200727-47ae307949d0?package-id=2f86f66ed446e212", + "pkg:golang/github.com/lann/ps@v0.0.0-20150810152359-62de8c46ede0?package-id=7d0c94f7c8da4fa4", + "pkg:golang/github.com/lib/pq@v1.10.9?package-id=301871ba0c830890", + "pkg:golang/github.com/liggitt/tabwriter@v0.0.0-20181228230101-89fcab3d43de?package-id=3e2cda007b551013", + "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=bc3f960e82002ad6", + "pkg:golang/github.com/makenowjust/heredoc@v1.0.0?package-id=969ba4e115f1f480", + "pkg:golang/github.com/masterminds/goutils@v1.1.1?package-id=951f2276e38e3f9a", + "pkg:golang/github.com/masterminds/semver@v3.2.1?package-id=c058dbab54b23e01#v3", + "pkg:golang/github.com/masterminds/sprig@v3.2.3?package-id=65658f2fbd9446cd#v3", + "pkg:golang/github.com/masterminds/squirrel@v1.5.4?package-id=cd06da0c22522722", + "pkg:golang/github.com/masterminds/vcs@v1.13.3?package-id=7ca38f164806cbb7", + "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=89e7111773a55a78", + "pkg:golang/github.com/mattn/go-isatty@v0.0.17?package-id=f862e59bdcf53db4", + "pkg:golang/github.com/mattn/go-runewidth@v0.0.9?package-id=6491732313d32fd1", + "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.4?package-id=5a56419d7631c164", + "pkg:golang/github.com/mitchellh/copystructure@v1.2.0?package-id=ada584f1dd727f79", + "pkg:golang/github.com/mitchellh/go-wordwrap@v1.0.1?package-id=f7955a24bc67e4db", + "pkg:golang/github.com/mitchellh/reflectwalk@v1.0.2?package-id=c168586d30eeb3ce", + "pkg:golang/github.com/moby/locker@v1.0.1?package-id=2c4229dc7d286cf4", + "pkg:golang/github.com/moby/spdystream@v0.2.0?package-id=f1f2bd7a6481341c", + "pkg:golang/github.com/moby/term@v0.5.0?package-id=f1b12d70ce358ac7", + "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=35b65435224f8a93", + "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=678e6aefdb90205b", + "pkg:golang/github.com/monochromegane/go-gitignore@v0.0.0-20200626010858-205db1a8cc00?package-id=d856ee9429394d09", + "pkg:golang/github.com/morikuni/aec@v1.0.0?package-id=0529bab9840a33d4", + "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=aad1e1a3315a3851", + "pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f?package-id=eaf403ad9442826d", + "pkg:golang/github.com/opencontainers/go-digest@v1.0.0?package-id=cc63a663919e1565", + "pkg:golang/github.com/opencontainers/image-spec@v1.1.0-rc5?package-id=e06e4e730e6468ba", + "pkg:golang/github.com/peterbourgon/diskv@v2.0.1%2Bincompatible?package-id=fc6d62d81a82a140", + "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=4c699985a6fee925", + "pkg:golang/github.com/prometheus/client_golang@v1.16.0?package-id=b4f59cc79151917c", + "pkg:golang/github.com/prometheus/client_model@v0.4.0?package-id=05b91fcf51eb7b85", + "pkg:golang/github.com/prometheus/common@v0.44.0?package-id=75ece74c99c2ae8d", + "pkg:golang/github.com/prometheus/procfs@v0.10.1?package-id=f8d3be7f5bef4928", + "pkg:golang/github.com/rubenv/sql-migrate@v1.5.2?package-id=ad787f2479b92420", + "pkg:golang/github.com/russross/blackfriday@v2.1.0?package-id=375e3e7f5063437a#v2", + "pkg:golang/github.com/shopspring/decimal@v1.3.1?package-id=b7520e06148ec358", + "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=83050e16d786ee71", + "pkg:golang/github.com/spf13/cast@v1.5.0?package-id=04275460d5f13b13", + "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=e8bd156eaddb0a3f", + "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=fbc13c4ca0aff254", + "pkg:golang/github.com/xeipuuv/gojsonpointer@v0.0.0-20190905194746-02993c407bfb?package-id=f5f4cd439f5eb629", + "pkg:golang/github.com/xeipuuv/gojsonreference@v0.0.0-20180127040603-bd5ef7bd5415?package-id=4b194307bf1b3e5c", + "pkg:golang/github.com/xeipuuv/gojsonschema@v1.2.0?package-id=380b2aa73d466aad", + "pkg:golang/github.com/xlab/treeprint@v1.2.0?package-id=2fc781a87669bfbf", + "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.45.0?package-id=4f963df28fcff2b3#net/http/otelhttp", + "pkg:golang/go.opentelemetry.io/otel/metric@v1.19.0?package-id=2988ea3eec3c7563", + "pkg:golang/go.opentelemetry.io/otel/trace@v1.19.0?package-id=dcb66e432b04fc33", + "pkg:golang/go.opentelemetry.io/otel@v1.19.0?package-id=58b109a34b0a6654", + "pkg:golang/go.starlark.net@v0.0.0-20230525235612-a134d8f9ddca?package-id=1e1a09359a514ef6", + "pkg:golang/golang.org/x/crypto@v0.17.0?package-id=6027097e9d230681", + "pkg:golang/golang.org/x/net@v0.17.0?package-id=b7cd7d70ee4b9e9b", + "pkg:golang/golang.org/x/oauth2@v0.10.0?package-id=a165f15b724df3d7", + "pkg:golang/golang.org/x/sync@v0.3.0?package-id=df78588c4984b7db", + "pkg:golang/golang.org/x/sys@v0.15.0?package-id=2e6cc63c7be556fc", + "pkg:golang/golang.org/x/term@v0.15.0?package-id=cf2d9b76aa31719a", + "pkg:golang/golang.org/x/text@v0.14.0?package-id=c2f4eff34b3df966", + "pkg:golang/golang.org/x/time@v0.3.0?package-id=a42921e911f41575", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20230822172742-b8732ec3820d?package-id=f2fa57581b80ea3c#rpc", + "pkg:golang/google.golang.org/grpc@v1.58.3?package-id=96bf04e992cfa6d7", + "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=df7b60f06ef5fd43", + "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=7fb7839f164ab09a", + "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=f0fdac75c501a330", + "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=7621e600aa412afd", + "pkg:golang/k8s.io/api@v0.29.0?package-id=1c9c90500d9e8466", + "pkg:golang/k8s.io/apiextensions-apiserver@v0.29.0?package-id=f23c30977a4e1865", + "pkg:golang/k8s.io/apimachinery@v0.29.0?package-id=d1a9ea2c0b866fe8", + "pkg:golang/k8s.io/apiserver@v0.29.0?package-id=bea4aa5bf5499784", + "pkg:golang/k8s.io/cli-runtime@v0.29.0?package-id=b6aa4c2e9f48ae34", + "pkg:golang/k8s.io/client-go@v0.29.0?package-id=d34fa1f385ba4b59", + "pkg:golang/k8s.io/component-base@v0.29.0?package-id=12c70bbbe6912259", + "pkg:golang/k8s.io/klog/v2@v2.110.1?package-id=78a98a3c5987647f", + "pkg:golang/k8s.io/kube-openapi@v0.0.0-20231010175941-2dd684a91f00?package-id=c6f0eba505f061c6", + "pkg:golang/k8s.io/kubectl@v0.29.0?package-id=8117e1ad6daa73fc", + "pkg:golang/k8s.io/utils@v0.0.0-20230726121419-3b25d923346b?package-id=2fffdeaf72b43c31", + "pkg:golang/oras.land/oras-go@v1.2.4?package-id=bcce8f5089ea0880", + "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=d11623fc11348a8e", + "pkg:golang/sigs.k8s.io/kustomize/api@v0.13.5-0.20230601165947-6ce0bf390ce3?package-id=5713706b8df200cc", + "pkg:golang/sigs.k8s.io/kustomize/kyaml@v0.14.3-0.20230601165947-6ce0bf390ce3?package-id=b9c0ef73cafb89fd", + "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.4.1?package-id=4de9ffc4e47068f1", + "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=1703f5ade90699bc", + "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" + ] + }, { "ref": "pkg:pypi/ansible-core@2.15.9?package-id=74fe538f9e2dbbdd", "dependsOn": [ @@ -21709,7 +21931,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:877681e7-50f1-4b51-8cef-9999ed8c64a5", + "bom-ref": "urn:uuid:6f970906-8283-403e-910d-369d531d623f", "id": "CVE-2010-4756", "source": { "name": "debian-distro-debian-12", @@ -21742,7 +21964,7 @@ ] }, { - "bom-ref": "urn:uuid:6e0173d1-1685-48b4-b208-92336cb6f1d1", + "bom-ref": "urn:uuid:73440318-b0b7-4df7-980a-cc46b293f17a", "id": "CVE-2018-20796", "source": { "name": "debian-distro-debian-12", @@ -21775,7 +21997,7 @@ ] }, { - "bom-ref": "urn:uuid:a089ca94-5e9e-4200-9252-e416d8118f99", + "bom-ref": "urn:uuid:a0f49086-8b9f-4d23-b8ae-e6a50aaaff07", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21808,7 +22030,7 @@ ] }, { - "bom-ref": "urn:uuid:384db035-1e8b-4e4f-9f8b-298b2eddb07b", + "bom-ref": "urn:uuid:8e227145-f9c2-412b-ae10-127cf77a6e4a", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21841,7 +22063,7 @@ ] }, { - "bom-ref": "urn:uuid:5e64d192-4b54-4075-83ed-800bcb966eb4", + "bom-ref": "urn:uuid:32613575-73fe-46e1-ae82-a09edc399b1a", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21874,7 +22096,7 @@ ] }, { - "bom-ref": "urn:uuid:3358fddc-86ae-4c33-9c75-ff52a1a10f51", + "bom-ref": "urn:uuid:b00ee949-f7bf-47f3-b7b0-67f96f167365", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -21907,7 +22129,7 @@ ] }, { - "bom-ref": "urn:uuid:d62e7b9c-51e4-4057-8429-16d17e379348", + "bom-ref": "urn:uuid:a7e53571-a7f5-4f8f-8c2c-116978d24d96", "id": "CVE-2019-1010022", "source": { "name": "debian-distro-debian-12", @@ -21940,7 +22162,7 @@ ] }, { - "bom-ref": "urn:uuid:c462e14a-1b3f-46df-8f55-24f14b8d2590", + "bom-ref": "urn:uuid:484e7360-aba4-4120-9a38-4599beb85b50", "id": "CVE-2019-1010023", "source": { "name": "debian-distro-debian-12", @@ -21973,7 +22195,7 @@ ] }, { - "bom-ref": "urn:uuid:d2fa72b6-efa3-4859-ab81-bfb7dc68f7f2", + "bom-ref": "urn:uuid:caa7d941-6cfb-4121-9ed3-6c0cd867040a", "id": "CVE-2019-1010024", "source": { "name": "debian-distro-debian-12", @@ -22006,7 +22228,7 @@ ] }, { - "bom-ref": "urn:uuid:8524bcf5-ca7a-4fad-ad2a-2b527b85fe5d", + "bom-ref": "urn:uuid:478efee6-5f9c-4310-b84a-0582752f0834", "id": "CVE-2019-1010025", "source": { "name": "debian-distro-debian-12", @@ -22039,7 +22261,7 @@ ] }, { - "bom-ref": "urn:uuid:f08ccdcc-8a9e-4cba-a5fa-dd92b946c244", + "bom-ref": "urn:uuid:575f4503-2034-4a34-9449-a99ac0eece66", "id": "CVE-2019-9192", "source": { "name": "debian-distro-debian-12", @@ -22072,7 +22294,7 @@ ] }, { - "bom-ref": "urn:uuid:0b890bb7-afaf-49b5-8afc-890a8650b1bb", + "bom-ref": "urn:uuid:e6f78cc2-0f82-44ca-a2c8-0bb22f1dbaa5", "id": "CVE-2021-45346", "source": { "name": "debian-distro-debian-12", @@ -22105,7 +22327,7 @@ ] }, { - "bom-ref": "urn:uuid:26d405c3-e616-4808-864f-a5f6d66ce7d5", + "bom-ref": "urn:uuid:a95f5c6c-e419-4ce5-8ed8-e546b8773f2b", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -22138,7 +22360,7 @@ ] }, { - "bom-ref": "urn:uuid:83812938-f492-4dbb-b786-cfb030e5b3be", + "bom-ref": "urn:uuid:8ccf2315-cef9-4704-82c0-f0a6ab94f599", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -22171,7 +22393,7 @@ ] }, { - "bom-ref": "urn:uuid:8bebc599-27cb-469f-bdaa-91f6df016343", + "bom-ref": "urn:uuid:ef671a6d-fbe1-4a5c-920d-e69e0afd7b9e", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -22204,7 +22426,7 @@ ] }, { - "bom-ref": "urn:uuid:db5b2b96-d810-4d4d-979d-1eacc26b3ed8", + "bom-ref": "urn:uuid:dc9172b9-5c90-4e75-a318-49b88de09fa1", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -22237,106 +22459,7 @@ ] }, { - "bom-ref": "urn:uuid:17bb4c8a-2432-47a0-8c85-85e41e9d39f4", - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - }, - "references": [ - { - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:46fee2b3-f4b6-4c17-9a18-e2f51b153078", - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - }, - "references": [ - { - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:2f657043-e764-415b-a6d6-29f7d24ce498", - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - }, - "references": [ - { - "id": "CVE-2023-24329", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-24329" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:dee3300a-ba5f-4057-90f7-01b3568a020c", + "bom-ref": "urn:uuid:fd577178-7847-4351-ae87-485b300cc271", "id": "CVE-2023-27043", "source": { "name": "debian-distro-debian-12", @@ -22364,12 +22487,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651" } ] }, { - "bom-ref": "urn:uuid:1a3f8a48-1b3a-4dd7-bc6f-67e8659899d4", + "bom-ref": "urn:uuid:c1e06a66-b94c-4c77-9311-c7dc98b9da50", "id": "CVE-2023-27043", "source": { "name": "debian-distro-debian-12", @@ -22397,12 +22520,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd" } ] }, { - "bom-ref": "urn:uuid:f614d069-bd61-4db0-8a2d-3a51c058192c", + "bom-ref": "urn:uuid:1604338b-07b6-43da-86ed-378a8e99fe7f", "id": "CVE-2023-27043", "source": { "name": "debian-distro-debian-12", @@ -22430,111 +22553,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22" } ] }, { - "bom-ref": "urn:uuid:dafe5989-8b36-4e11-b3ec-f41c56ad8672", - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - }, - "references": [ - { - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:0cdba3c6-19ef-40be-ac71-e86e68710948", - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - }, - "references": [ - { - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:3128d858-699d-4c7e-862b-97857a4aff85", - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - }, - "references": [ - { - "id": "CVE-2023-40217", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as \"not connected\" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-40217" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:5de7a170-6350-4a92-b045-3e656b01f7c3", + "bom-ref": "urn:uuid:e09315ac-339a-42c7-9fe1-f7eddd74930f", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -22567,7 +22591,7 @@ ] }, { - "bom-ref": "urn:uuid:73bfabde-6924-42c6-89f7-155d1cc16c36", + "bom-ref": "urn:uuid:bc14bb4a-b8da-4753-a350-24000a5c05d7", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -22600,7 +22624,7 @@ ] }, { - "bom-ref": "urn:uuid:167d2cb4-4fdd-452b-abd2-dbd2f50958f9", + "bom-ref": "urn:uuid:945a5038-3888-4d0a-b777-af5e9badadc1", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -22633,106 +22657,7 @@ ] }, { - "bom-ref": "urn:uuid:4e873c0d-f920-454f-8d64-32a72b296f82", - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - }, - "references": [ - { - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:586947bd-664a-4d3e-990c-44c0a4bdeef8", - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - }, - "references": [ - { - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:856cf55e-436d-42d3-9eb3-9f7bb6a4cac3", - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - }, - "references": [ - { - "id": "CVE-2023-41105", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - } - ], - "ratings": [ - { - "severity": "high" - } - ], - "description": "An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-41105" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:97d6a00d-8fa8-4cc9-9cf8-b66f76914dc0", + "bom-ref": "urn:uuid:076999e2-e0e2-4cd4-8ca5-ac30a3053cc7", "id": "CVE-2023-45288", "source": { "name": "nvd-cpe", @@ -22786,7 +22711,7 @@ ] }, { - "bom-ref": "urn:uuid:96c735af-d3f7-4313-9f9c-ad2c0402b220", + "bom-ref": "urn:uuid:e515bba1-6057-4c67-a274-f90b7c152282", "id": "CVE-2023-45289", "source": { "name": "nvd-cpe", @@ -22829,434 +22754,236 @@ ], "affects": [ { - "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" - } - ] - }, - { - "bom-ref": "urn:uuid:b3283a6b-347f-4f5c-8a3c-94e9296bb3e1", - "id": "CVE-2023-45290", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" - }, - "references": [ - { - "id": "CVE-2023-45290", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.", - "advisories": [ - { - "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4" - }, - { - "url": "https://go.dev/cl/569341" - }, - { - "url": "https://go.dev/issue/65383" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2024-2599" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20240329-0004/" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" - } - ] - }, - { - "bom-ref": "urn:uuid:a09157ad-c26a-4976-8d24-12ae2867eb23", - "id": "CVE-2023-45853", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" - }, - "references": [ - { - "id": "CVE-2023-45853", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" - } - } - ], - "ratings": [ - { - "severity": "critical" - } - ], - "description": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=aad1c23de303b3c3" - } - ] - }, - { - "bom-ref": "urn:uuid:aa6e4a52-a9be-42c0-99e3-75b29dd06afe", - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - }, - "references": [ - { - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" - } - ] - }, - { - "bom-ref": "urn:uuid:70ee637e-6fef-49d4-a79d-ec6b5784101e", - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - }, - "references": [ - { - "id": "CVE-2023-45918", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - } - ], - "ratings": [ - { - "severity": "unknown" - } - ], - "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" - } - ] - }, - { - "bom-ref": "urn:uuid:bdc365ac-2354-46f3-92e0-7c6fbb8b1d26", - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - }, - "references": [ - { - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" - } - ] - }, - { - "bom-ref": "urn:uuid:e465cfde-6454-4844-9f2e-c337010ca0b4", - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - }, - "references": [ - { - "id": "CVE-2023-50495", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" + "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" } ] }, { - "bom-ref": "urn:uuid:20ce5e92-5709-4267-9d2b-9e6be646fb19", - "id": "CVE-2023-52425", + "bom-ref": "urn:uuid:5170600e-ac24-488b-afd8-1d124556c8cd", + "id": "CVE-2023-45290", "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" }, "references": [ { - "id": "CVE-2023-52425", + "id": "CVE-2023-45290", "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290" } } ], "ratings": [ { - "severity": "high" + "severity": "unknown" } ], - "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", + "description": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" + "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4" + }, + { + "url": "https://go.dev/cl/569341" + }, + { + "url": "https://go.dev/issue/65383" + }, + { + "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2599" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240329-0004/" } ], "affects": [ { - "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" + "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" } ] }, { - "bom-ref": "urn:uuid:93de9052-ce7c-40c9-aa34-b5ca94c10fb3", - "id": "CVE-2023-52426", + "bom-ref": "urn:uuid:ca73ba4f-812c-4942-83c7-112231f455a6", + "id": "CVE-2023-45853", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" }, "references": [ { - "id": "CVE-2023-52426", + "id": "CVE-2023-45853", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" } } ], "ratings": [ { - "severity": "none" + "severity": "critical" } ], - "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", + "description": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45853" } ], "affects": [ { - "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" + "ref": "pkg:deb/debian/zlib1g@1:1.2.13.dfsg-1?arch=amd64&upstream=zlib&distro=debian-12&package-id=aad1c23de303b3c3" } ] }, { - "bom-ref": "urn:uuid:b0d7ed39-a70f-4bb6-9c5e-94057136ad28", - "id": "CVE-2023-5678", + "bom-ref": "urn:uuid:1f440d6f-1839-453f-99d5-81d544e29318", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" }, "references": [ { - "id": "CVE-2023-5678", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } } ], "ratings": [ { - "severity": "medium" + "severity": "unknown" } ], - "description": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", + "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" } ] }, { - "bom-ref": "urn:uuid:fd6ffb7a-ca31-41e3-9fca-57eaebd141b8", - "id": "CVE-2023-6129", + "bom-ref": "urn:uuid:d5f20f35-6494-4a85-a1e9-fecc307ee375", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" }, "references": [ { - "id": "CVE-2023-6129", + "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } } ], "ratings": [ { - "severity": "medium" + "severity": "unknown" } ], - "description": "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.", + "description": "ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6129" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-45918" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" } ] }, { - "bom-ref": "urn:uuid:6343ed2e-007d-4c66-8da3-6d4ea77e660b", - "id": "CVE-2023-6237", + "bom-ref": "urn:uuid:d07f9d22-9827-439d-bbf9-1fd41a995812", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" }, "references": [ { - "id": "CVE-2023-6237", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } } ], "ratings": [ { - "severity": "unknown" + "severity": "medium" } ], - "description": "Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", + "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6237" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libncursesw6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=015b1bb725c05616" } ] }, { - "bom-ref": "urn:uuid:aaff3307-479f-43d0-a062-4775f973d893", - "id": "CVE-2023-6597", + "bom-ref": "urn:uuid:e5d464c3-6111-4d0f-bf02-2361f06295cf", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" }, "references": [ { - "id": "CVE-2023-6597", + "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } } ], "ratings": [ { - "severity": "high" + "severity": "medium" } ], - "description": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.", + "description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-50495" } ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libtinfo6@6.4-4?arch=amd64&upstream=ncurses&distro=debian-12&package-id=36361b5a97996e94" } ] }, { - "bom-ref": "urn:uuid:b97691ac-b8af-4e20-aeaa-e6ec75fd76a5", - "id": "CVE-2023-6597", + "bom-ref": "urn:uuid:0f576ade-4aa8-4a64-8fae-2656675060c8", + "id": "CVE-2023-52425", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" }, "references": [ { - "id": "CVE-2023-6597", + "id": "CVE-2023-52425", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" } } ], @@ -23265,53 +22992,53 @@ "severity": "high" } ], - "description": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.", + "description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52425" } ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" } ] }, { - "bom-ref": "urn:uuid:bfafcb28-6120-461c-b1fd-1de2e47e4903", - "id": "CVE-2023-6597", + "bom-ref": "urn:uuid:69de3786-5d29-471c-bb56-3b60ac8468c5", + "id": "CVE-2023-52426", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" }, "references": [ { - "id": "CVE-2023-6597", + "id": "CVE-2023-52426", "source": { "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" } } ], "ratings": [ { - "severity": "high" + "severity": "none" } ], - "description": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.", + "description": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.", "advisories": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2023-6597" + "url": "https://security-tracker.debian.org/tracker/CVE-2023-52426" } ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" + "ref": "pkg:deb/debian/libexpat1@2.5.0-1?arch=amd64&upstream=expat&distro=debian-12&package-id=0a0dfff5ad2a7836" } ] }, { - "bom-ref": "urn:uuid:81d54963-d358-403e-9ae0-837b68414971", + "bom-ref": "urn:uuid:8b88babc-e49a-40cd-b8b4-7a45c31b45f0", "id": "CVE-2023-7104", "source": { "name": "debian-distro-debian-12", @@ -23344,7 +23071,7 @@ ] }, { - "bom-ref": "urn:uuid:076b35f4-7a4f-431b-b07b-952f7b06eab2", + "bom-ref": "urn:uuid:f55bbb9c-26ef-49cc-85ec-e00e555824ad", "id": "CVE-2024-0232", "source": { "name": "debian-distro-debian-12", @@ -23377,7 +23104,7 @@ ] }, { - "bom-ref": "urn:uuid:83151691-9f33-4e8c-a5a9-4f7d9d17e514", + "bom-ref": "urn:uuid:e48a1ac4-b93b-4dd3-a468-702ae133108b", "id": "CVE-2024-0397", "source": { "name": "debian-distro-debian-12", @@ -23394,7 +23121,7 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "high" } ], "description": "A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.", @@ -23405,12 +23132,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651" } ] }, { - "bom-ref": "urn:uuid:93faac33-5c0d-4dd5-8e3d-4a47debef37a", + "bom-ref": "urn:uuid:867c3cd6-0289-4b4f-a7e9-d685d4918369", "id": "CVE-2024-0397", "source": { "name": "debian-distro-debian-12", @@ -23427,7 +23154,7 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "high" } ], "description": "A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.", @@ -23438,12 +23165,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd" } ] }, { - "bom-ref": "urn:uuid:eafaff45-906d-4629-bd46-8098353eb7e5", + "bom-ref": "urn:uuid:a949d163-abe4-47ad-9b84-46ff0c3276ff", "id": "CVE-2024-0397", "source": { "name": "debian-distro-debian-12", @@ -23460,7 +23187,7 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "high" } ], "description": "A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.", @@ -23471,144 +23198,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:77fbb49e-8084-4fab-a28e-578c56f1e773", - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - }, - "references": [ - { - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" - } - ] - }, - { - "bom-ref": "urn:uuid:1b618c71-3bf2-4e65-aec6-15d84e56d479", - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - }, - "references": [ - { - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" - } - ] - }, - { - "bom-ref": "urn:uuid:138408e6-fe9f-40ce-aacb-103c6ee25d0d", - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - }, - "references": [ - { - "id": "CVE-2024-0450", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0450" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" - } - ] - }, - { - "bom-ref": "urn:uuid:819d1217-f2a6-4f78-9936-89007b0d06ca", - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - }, - "references": [ - { - "id": "CVE-2024-0727", - "source": { - "name": "debian-distro-debian-12", - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", - "advisories": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2024-0727" - } - ], - "affects": [ - { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22" } ] }, { - "bom-ref": "urn:uuid:b33d8d60-0890-41ed-9e8a-abd13884dc11", + "bom-ref": "urn:uuid:9600bfa4-b783-4de2-91bd-b67c6192bd71", "id": "CVE-2024-24783", "source": { "name": "nvd-cpe", @@ -23656,7 +23251,7 @@ ] }, { - "bom-ref": "urn:uuid:76b99810-c1ba-44d7-907f-74c6579f418b", + "bom-ref": "urn:uuid:9ec36e3c-81ba-41da-9651-40c56bb9ec68", "id": "CVE-2024-24784", "source": { "name": "nvd-cpe", @@ -23704,7 +23299,7 @@ ] }, { - "bom-ref": "urn:uuid:201a164e-ff73-48c1-872a-1a9ab50d10e2", + "bom-ref": "urn:uuid:18094302-b4e3-4e39-bf90-15995fad8d96", "id": "CVE-2024-24785", "source": { "name": "nvd-cpe", @@ -23752,7 +23347,7 @@ ] }, { - "bom-ref": "urn:uuid:3b8bbf55-8bc0-4383-9b16-cfc67aa3193d", + "bom-ref": "urn:uuid:a0933623-a1af-45a0-9bf9-a48df8ec25b2", "id": "CVE-2024-24787", "source": { "name": "nvd-cpe", @@ -23769,7 +23364,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 6.4, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "description": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.", @@ -23800,7 +23398,7 @@ ] }, { - "bom-ref": "urn:uuid:06b83eff-0dc0-479e-b026-548fe62eb343", + "bom-ref": "urn:uuid:7c6279f4-7b92-4fef-849e-e772cfe643df", "id": "CVE-2024-24789", "source": { "name": "nvd-cpe", @@ -23821,6 +23419,12 @@ "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" + }, + { + "score": 5.3, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "description": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.", @@ -23851,7 +23455,7 @@ ] }, { - "bom-ref": "urn:uuid:26473cb0-79b8-476d-bab2-11debe47c851", + "bom-ref": "urn:uuid:517cca13-5903-4ef6-b0f6-1309c54cc2ec", "id": "CVE-2024-24790", "source": { "name": "nvd-cpe", @@ -23899,7 +23503,49 @@ ] }, { - "bom-ref": "urn:uuid:4ff14708-1dcd-4c3c-befe-3f6bcd5c0d50", + "bom-ref": "urn:uuid:5cb31d01-5879-49d5-920f-c05e106a1101", + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + }, + "references": [ + { + "id": "CVE-2024-24791", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "description": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.", + "advisories": [ + { + "url": "https://go.dev/cl/591255" + }, + { + "url": "https://go.dev/issue/67555" + }, + { + "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ" + }, + { + "url": "https://pkg.go.dev/vuln/GO-2024-2963" + } + ], + "affects": [ + { + "ref": "pkg:golang/stdlib@1.21.5?package-id=10eca3b8453baa12" + } + ] + }, + { + "bom-ref": "urn:uuid:edd78199-0bc1-4636-97af-5406be9da1f1", "id": "CVE-2024-2511", "source": { "name": "debian-distro-debian-12", @@ -23927,12 +23573,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:51d8ff24-dacd-4c78-9927-3da0b51c2229", + "bom-ref": "urn:uuid:e3176e0d-f930-4bae-9ef8-96743737b714", "id": "CVE-2024-25620", "source": { "name": "nvd-cpe", @@ -23966,12 +23612,12 @@ ], "affects": [ { - "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=eaaf7e7c6c586545" + "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=a06b39d8afcd16cd" } ] }, { - "bom-ref": "urn:uuid:8b313f48-abd8-4e88-b139-530d67704807", + "bom-ref": "urn:uuid:93ec1544-2aed-4af5-9cb2-495702ce7937", "id": "CVE-2024-26147", "source": { "name": "nvd-cpe", @@ -24005,12 +23651,12 @@ ], "affects": [ { - "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=eaaf7e7c6c586545" + "ref": "pkg:golang/helm.sh/helm@3.14.0?package-id=a06b39d8afcd16cd" } ] }, { - "bom-ref": "urn:uuid:2de0776b-c3d5-4d5d-8e7d-e54e3cbd97b2", + "bom-ref": "urn:uuid:7e690388-6c0b-41ce-a759-23945d316694", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24043,7 +23689,7 @@ ] }, { - "bom-ref": "urn:uuid:5ac612d7-38f0-47a4-b825-d89310c6e6d6", + "bom-ref": "urn:uuid:1f225430-14cb-4014-9a92-611f730ef658", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24076,7 +23722,7 @@ ] }, { - "bom-ref": "urn:uuid:89420922-8bfd-48a8-a992-628c8901ec62", + "bom-ref": "urn:uuid:9f884f97-bb59-4f86-81aa-b33ae9a99636", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24109,7 +23755,7 @@ ] }, { - "bom-ref": "urn:uuid:f0bef03c-d939-4716-ae4d-1d41f489bbf3", + "bom-ref": "urn:uuid:e333e204-c2a3-4920-94d2-9dcec53b508b", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -24142,7 +23788,7 @@ ] }, { - "bom-ref": "urn:uuid:5c1193bf-600a-49d9-a2a6-97063c5e5209", + "bom-ref": "urn:uuid:7db3310c-39a1-4e6f-a266-e54f13a90ccc", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24175,7 +23821,7 @@ ] }, { - "bom-ref": "urn:uuid:b5d10c08-ef81-48c2-a6e6-75502f241dc4", + "bom-ref": "urn:uuid:785d5e46-77ff-4951-ab0e-fbf3ad901a2a", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24208,7 +23854,7 @@ ] }, { - "bom-ref": "urn:uuid:5262660f-cd19-4b9c-b0ab-ee94adf44419", + "bom-ref": "urn:uuid:10f5cfcb-cf59-4876-ba65-eff2beb42769", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24241,7 +23887,7 @@ ] }, { - "bom-ref": "urn:uuid:8dfffc66-e825-4906-882c-c2914f9a7771", + "bom-ref": "urn:uuid:e5e66bbe-69d2-49cd-92a4-9c3ee30fef04", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -24274,7 +23920,7 @@ ] }, { - "bom-ref": "urn:uuid:f0a81ee1-c4fc-4bf2-a00f-eb653f32238d", + "bom-ref": "urn:uuid:da291241-030b-4d7d-b141-1450f1d9c376", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24307,7 +23953,7 @@ ] }, { - "bom-ref": "urn:uuid:02ac9526-76bc-4dee-8dd0-af12800e148e", + "bom-ref": "urn:uuid:2ab64c63-e345-4a43-a24c-55a257e004eb", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24340,7 +23986,7 @@ ] }, { - "bom-ref": "urn:uuid:21edb327-6e0a-4bcf-83e6-ed3092f932f8", + "bom-ref": "urn:uuid:76f7ad88-c9e2-4185-a84a-2158503904fe", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24373,7 +24019,7 @@ ] }, { - "bom-ref": "urn:uuid:e170a776-2498-4fc5-80f4-6a8b4d16b64c", + "bom-ref": "urn:uuid:096449b4-7853-4255-a968-29ba226af1bc", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -24406,7 +24052,7 @@ ] }, { - "bom-ref": "urn:uuid:d3b5a6c8-27b0-4d9d-8860-238134bbb97d", + "bom-ref": "urn:uuid:7ef9a34d-881f-4dad-9d26-370011685e05", "id": "CVE-2024-28757", "source": { "name": "debian-distro-debian-12", @@ -24439,7 +24085,7 @@ ] }, { - "bom-ref": "urn:uuid:d2c2c3a1-6f7a-4d45-ab8a-9b57954fc478", + "bom-ref": "urn:uuid:49fe7aca-8c18-4086-bbf1-f191b2b26ba1", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24459,6 +24105,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24471,7 +24118,7 @@ ] }, { - "bom-ref": "urn:uuid:564a8552-0781-42cc-9cc7-a1d96428114b", + "bom-ref": "urn:uuid:870b4be5-6323-4f14-bac1-454158ac567f", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24491,6 +24138,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24503,7 +24151,7 @@ ] }, { - "bom-ref": "urn:uuid:666bec9c-98ca-42e2-9d31-395b73e15de7", + "bom-ref": "urn:uuid:47dc8337-1a90-4d8a-9cda-99732f1738e5", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24523,6 +24171,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24535,7 +24184,7 @@ ] }, { - "bom-ref": "urn:uuid:5e9e39e6-5077-4416-9d78-b723c284b8a5", + "bom-ref": "urn:uuid:146bcb02-75ac-4c8e-a5b4-673ea46376f1", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -24555,6 +24204,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -24567,7 +24217,7 @@ ] }, { - "bom-ref": "urn:uuid:5155a16e-4450-4371-b822-67311f4c232d", + "bom-ref": "urn:uuid:1ca64853-0d03-467e-93fb-517f92063f10", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24587,6 +24237,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24599,7 +24250,7 @@ ] }, { - "bom-ref": "urn:uuid:81c75311-cc95-4ed0-94d4-bbfbc3091df0", + "bom-ref": "urn:uuid:f3c68fd8-bcee-4ce7-9c3d-e6fe52bbda71", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24619,6 +24270,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24631,7 +24283,7 @@ ] }, { - "bom-ref": "urn:uuid:e1b283a1-974e-41d6-9bff-f54e0067d9b9", + "bom-ref": "urn:uuid:e669685f-212c-47da-ba3b-7dc1637b7632", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24651,6 +24303,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24663,7 +24316,7 @@ ] }, { - "bom-ref": "urn:uuid:f21c4ac3-ef1c-41de-9c1d-a54fb36c1041", + "bom-ref": "urn:uuid:3fc6aaa5-f3c0-4171-8e03-41b6613dded2", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -24683,6 +24336,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -24695,7 +24349,7 @@ ] }, { - "bom-ref": "urn:uuid:1b71cc4d-0fb4-4769-8815-440e573a9eb9", + "bom-ref": "urn:uuid:5d43d809-4d8f-4b67-a05c-8f00a022944e", "id": "CVE-2024-4030", "source": { "name": "nvd-cpe", @@ -24712,7 +24366,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 7.1, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "description": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix “700” for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.\n", @@ -24762,12 +24419,12 @@ ], "affects": [ { - "ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4" + "ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9" } ] }, { - "bom-ref": "urn:uuid:ecba751c-cd33-48c1-87ef-921e73e6ca94", + "bom-ref": "urn:uuid:4246489e-2204-472c-bd03-6a59e32ae4a0", "id": "CVE-2024-4032", "source": { "name": "debian-distro-debian-12", @@ -24795,12 +24452,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=00453d327cc7fac3" + "ref": "pkg:deb/debian/libpython3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0f2b8bb5592d1651" } ] }, { - "bom-ref": "urn:uuid:323d2515-3439-4215-811d-badb5f4c0b1f", + "bom-ref": "urn:uuid:7543ad6e-3081-492a-aba1-f4ba9bd5bfb3", "id": "CVE-2024-4032", "source": { "name": "debian-distro-debian-12", @@ -24828,12 +24485,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=86d1b6a52702ddf0" + "ref": "pkg:deb/debian/libpython3.11-stdlib@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=99bba6ed48d491dd" } ] }, { - "bom-ref": "urn:uuid:d23a1314-d257-4e77-a936-46c4eaf64792", + "bom-ref": "urn:uuid:c0715020-1d59-4688-b1fa-6abc1678f40d", "id": "CVE-2024-4032", "source": { "name": "nvd-cpe", @@ -24894,12 +24551,12 @@ ], "affects": [ { - "ref": "pkg:generic/python@3.11.9?package-id=a48d082afc955ee4" + "ref": "pkg:generic/python@3.11.9?package-id=09a1e3f80eef3fc9" } ] }, { - "bom-ref": "urn:uuid:82017d01-a5b1-4b07-8945-c78e01399cde", + "bom-ref": "urn:uuid:9a7034b1-16ac-4742-9173-2820d4104607", "id": "CVE-2024-4032", "source": { "name": "debian-distro-debian-12", @@ -24927,12 +24584,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6?arch=amd64&upstream=python3.11&distro=debian-12&package-id=a726fe6d5df1ec77" + "ref": "pkg:deb/debian/python3.11-minimal@3.11.2-6%2Bdeb12u2?arch=amd64&upstream=python3.11&distro=debian-12&package-id=0b5e9759b20aed22" } ] }, { - "bom-ref": "urn:uuid:7f50ca2e-45ee-4514-9859-877d23714dca", + "bom-ref": "urn:uuid:5f15213b-ea41-44c5-9a1b-4f5d7316f043", "id": "CVE-2024-4603", "source": { "name": "debian-distro-debian-12", @@ -24960,12 +24617,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:b62253a6-5c24-4821-bd7d-7450a7aa7367", + "bom-ref": "urn:uuid:6724c5b9-89a5-4bea-91cf-294a4e0082e1", "id": "CVE-2024-4741", "source": { "name": "debian-distro-debian-12", @@ -24992,12 +24649,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:06c72987-ad11-4488-b72c-7264391d14e6", + "bom-ref": "urn:uuid:1b584c90-a59a-4052-a856-cec356bdb502", "id": "CVE-2024-5535", "source": { "name": "debian-distro-debian-12", @@ -25014,9 +24671,10 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "critical" } ], + "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-5535" @@ -25024,12 +24682,12 @@ ], "affects": [ { - "ref": "pkg:deb/debian/libssl3@3.0.11-1~deb12u2?arch=amd64&upstream=openssl&distro=debian-12&package-id=493d152080fcee4e" + "ref": "pkg:deb/debian/libssl3@3.0.13-1~deb12u1?arch=amd64&upstream=openssl&distro=debian-12&package-id=3ae9fa83435b7a19" } ] }, { - "bom-ref": "urn:uuid:67eae3d0-c8b9-4b61-ade4-b3469daf8a98", + "bom-ref": "urn:uuid:2cef0050-8423-4a48-b860-fb854813e6d8", "id": "GHSA-34jh-p97f-mpxf", "source": { "name": "github-language-python", @@ -25065,7 +24723,7 @@ ] }, { - "bom-ref": "urn:uuid:32de80bd-a372-431a-b843-94cc1b6469c2", + "bom-ref": "urn:uuid:16f46f23-338a-43eb-9dee-da898ffa1f7b", "id": "GHSA-4v7x-pqxf-cx7m", "source": { "name": "github-language-go", @@ -25101,7 +24759,7 @@ ] }, { - "bom-ref": "urn:uuid:71af325f-86a8-4eeb-969b-dfa5f1a9ce2d", + "bom-ref": "urn:uuid:c3d95f49-54bf-47a3-88ca-614cea5ea2e0", "id": "GHSA-4v7x-pqxf-cx7m", "source": { "name": "github-language-go", @@ -25132,12 +24790,12 @@ ], "affects": [ { - "ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=a2fce92e144fbc71" + "ref": "pkg:golang/golang.org/x/net@v0.20.0?package-id=74d027b531e7de02" } ] }, { - "bom-ref": "urn:uuid:2a8690e1-a6ad-471c-afc9-358faefc7a57", + "bom-ref": "urn:uuid:92015b74-1775-4f7c-b058-5dec20db433f", "id": "GHSA-8r3f-844c-mc37", "source": { "name": "github-language-go", @@ -25170,7 +24828,7 @@ ] }, { - "bom-ref": "urn:uuid:6a2b381d-59bd-4d6b-b49c-c49aa1fb734c", + "bom-ref": "urn:uuid:34a5b386-6a63-4d30-8ee0-b1f250c4bd6c", "id": "GHSA-8r3f-844c-mc37", "source": { "name": "github-language-go", @@ -25198,12 +24856,12 @@ ], "affects": [ { - "ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=2d01130f548ca187" + "ref": "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=cf0a618c2651fffc" } ] }, { - "bom-ref": "urn:uuid:b7cff800-cc81-401e-8954-90a737bf1d23", + "bom-ref": "urn:uuid:c89baf89-2845-4e62-a759-bc9ca1e85904", "id": "GHSA-9wx4-h78v-vm56", "source": { "name": "github-language-python", @@ -25239,7 +24897,7 @@ ] }, { - "bom-ref": "urn:uuid:cee4b9fe-df84-40a9-992f-106e157e26cd", + "bom-ref": "urn:uuid:f980d43b-dd2a-48ae-a95b-98d45393605f", "id": "GHSA-h75v-3vvj-5mfj", "source": { "name": "github-language-python", @@ -25275,7 +24933,7 @@ ] }, { - "bom-ref": "urn:uuid:24aac57f-310c-4cb5-a35e-23c5066b59b5", + "bom-ref": "urn:uuid:91ca17d5-606c-44fe-9e27-ad7714633d12", "id": "GHSA-jjg7-2v4v-x38h", "source": { "name": "github-language-python", @@ -25311,7 +24969,7 @@ ] }, { - "bom-ref": "urn:uuid:5dd599ac-a862-4768-807a-d149e8d48900", + "bom-ref": "urn:uuid:56b89072-c353-4e31-8732-aa3e0825f512", "id": "GHSA-jw44-4f3j-q396", "source": { "name": "github-language-go", @@ -25344,7 +25002,7 @@ ] }, { - "bom-ref": "urn:uuid:3ee9279c-150a-4122-a724-da97247b842d", + "bom-ref": "urn:uuid:75ca9c4e-cd20-4c40-be1b-517e2e87d319", "id": "GHSA-r53h-jv2g-vpx6", "source": { "name": "github-language-go", @@ -25380,7 +25038,7 @@ ] }, { - "bom-ref": "urn:uuid:f6d8197d-2c37-40fe-97a0-e084d6663b59", + "bom-ref": "urn:uuid:08b927db-8e7d-47f7-8a05-dd203ec5b42c", "id": "GHSA-v53g-5gjp-272r", "source": { "name": "github-language-go", @@ -25416,7 +25074,7 @@ ] }, { - "bom-ref": "urn:uuid:94be39da-5ad3-43e9-a332-bf8f2d445962", + "bom-ref": "urn:uuid:4741c2e1-e0f5-468e-a601-a04e0d8e0de7", "id": "GHSA-xw73-rw38-6vjc", "source": { "name": "github-language-go", diff --git a/sboms/docker.io_vectorim_matrix-content-scanner:v1.0.6.json b/sboms/docker.io_vectorim_matrix-content-scanner:v1.0.6.json index 9c01bd4..4c30643 100644 --- a/sboms/docker.io_vectorim_matrix-content-scanner:v1.0.6.json +++ b/sboms/docker.io_vectorim_matrix-content-scanner:v1.0.6.json @@ -1,18 +1,18 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:09e71294-fa9e-441b-9664-96b6240145be", + "specVersion": "1.6", + "serialNumber": "urn:uuid:5d2cc335-fa00-457f-aaf8-a78a5b8ef9de", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:54:12Z", + "timestamp": "2024-07-05T11:45:42Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, @@ -16229,7 +16229,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:f4ff04c5-fbe5-47a5-8232-ca1ade1eb71d", + "bom-ref": "urn:uuid:79e7d7e9-14d3-4630-b9c9-55a110ccf3c7", "id": "CVE-2005-2541", "source": { "name": "debian-distro-debian-12", @@ -16262,7 +16262,7 @@ ] }, { - "bom-ref": "urn:uuid:3b86b594-3e4b-4da6-b622-2c9feb5785fb", + "bom-ref": "urn:uuid:b3c92ef1-60b0-4cd0-902d-069e05f116fa", "id": "CVE-2007-5686", "source": { "name": "debian-distro-debian-12", @@ -16295,7 +16295,7 @@ ] }, { - "bom-ref": "urn:uuid:c1406c26-790a-41e1-b39a-f77e672ea886", + "bom-ref": "urn:uuid:0bda91b4-ae7e-4e65-9122-2be339c0c518", "id": "CVE-2007-5686", "source": { "name": "debian-distro-debian-12", @@ -16328,7 +16328,7 @@ ] }, { - "bom-ref": "urn:uuid:ca7cee46-49e1-43cb-9620-5a39d434d250", + "bom-ref": "urn:uuid:bac81e73-0134-4cf4-b700-813a818350bf", "id": "CVE-2010-4756", "source": { "name": "debian-distro-debian-12", @@ -16361,7 +16361,7 @@ ] }, { - "bom-ref": "urn:uuid:8a6c3a09-9af2-4168-a1b1-1ece11ec9159", + "bom-ref": "urn:uuid:b3371d7d-3fdc-4d07-853a-5bf28c1017c3", "id": "CVE-2010-4756", "source": { "name": "debian-distro-debian-12", @@ -16394,7 +16394,7 @@ ] }, { - "bom-ref": "urn:uuid:5a121cfb-e2f4-458b-aa9e-9b42e83f14d4", + "bom-ref": "urn:uuid:760f13f7-f9d2-4757-af10-3aa36c511899", "id": "CVE-2011-3374", "source": { "name": "debian-distro-debian-12", @@ -16427,7 +16427,7 @@ ] }, { - "bom-ref": "urn:uuid:e8b1a042-ee2b-4921-a147-373de5097333", + "bom-ref": "urn:uuid:53db034b-793f-4338-b49c-52cf95a4cba0", "id": "CVE-2011-3374", "source": { "name": "debian-distro-debian-12", @@ -16460,7 +16460,7 @@ ] }, { - "bom-ref": "urn:uuid:cf7f681b-3420-4b49-82bd-cf482d251abb", + "bom-ref": "urn:uuid:1f19bd53-9b8c-4b84-9c1b-474acb33c281", "id": "CVE-2011-3389", "source": { "name": "debian-distro-debian-12", @@ -16493,7 +16493,7 @@ ] }, { - "bom-ref": "urn:uuid:957d1fbc-3487-49e1-8610-971eb4fb895e", + "bom-ref": "urn:uuid:1d8b1f01-4cb2-40a5-bbd1-8621187a2778", "id": "CVE-2011-4116", "source": { "name": "debian-distro-debian-12", @@ -16526,7 +16526,7 @@ ] }, { - "bom-ref": "urn:uuid:a577012e-590c-4672-84e9-78787a6ace85", + "bom-ref": "urn:uuid:096fa2d2-46bb-4f78-9f00-17a4a35963da", "id": "CVE-2013-4392", "source": { "name": "debian-distro-debian-12", @@ -16559,7 +16559,7 @@ ] }, { - "bom-ref": "urn:uuid:259c76c9-2bc7-4807-8741-8951f4ff0582", + "bom-ref": "urn:uuid:2b3e598d-00f8-42af-8c8a-3e5ffbc92a5b", "id": "CVE-2013-4392", "source": { "name": "debian-distro-debian-12", @@ -16592,7 +16592,7 @@ ] }, { - "bom-ref": "urn:uuid:22781092-a479-47e9-85ce-cc4dfc1cc496", + "bom-ref": "urn:uuid:e1bee1c8-2f9c-4648-b348-e405c2530807", "id": "CVE-2016-2781", "source": { "name": "debian-distro-debian-12", @@ -16625,7 +16625,7 @@ ] }, { - "bom-ref": "urn:uuid:ba80322f-f3b6-431d-9f9a-10b35566dbea", + "bom-ref": "urn:uuid:25db0dc5-7e9a-44fe-a296-88cef2ae474e", "id": "CVE-2017-18018", "source": { "name": "debian-distro-debian-12", @@ -16658,7 +16658,7 @@ ] }, { - "bom-ref": "urn:uuid:0d4b65e7-0eb0-4246-ad7d-48e2f3d58279", + "bom-ref": "urn:uuid:c76d6cc5-1713-418c-ae9f-e24ca8f47666", "id": "CVE-2018-20796", "source": { "name": "debian-distro-debian-12", @@ -16691,7 +16691,7 @@ ] }, { - "bom-ref": "urn:uuid:66573178-c624-48b4-bca8-d25d03a88312", + "bom-ref": "urn:uuid:9b11f58d-39a8-445d-99de-19925ba904a0", "id": "CVE-2018-20796", "source": { "name": "debian-distro-debian-12", @@ -16724,7 +16724,7 @@ ] }, { - "bom-ref": "urn:uuid:800d8895-c1d7-4322-8ff9-843333a6fcf5", + "bom-ref": "urn:uuid:0839d539-4bff-406c-b98b-ea28712383db", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -16757,7 +16757,7 @@ ] }, { - "bom-ref": "urn:uuid:9e628ef1-719b-41db-8bd3-5641fc57fe41", + "bom-ref": "urn:uuid:c4e40e7a-806a-4287-b81b-25e4bae26a05", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -16790,7 +16790,7 @@ ] }, { - "bom-ref": "urn:uuid:a1784ad0-84be-4e88-9489-f213bcada7a2", + "bom-ref": "urn:uuid:76879f23-65bd-4d21-bf08-9b52db0baef8", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -16823,7 +16823,7 @@ ] }, { - "bom-ref": "urn:uuid:b8041d04-71a6-4d10-ac80-7c92bdf849e1", + "bom-ref": "urn:uuid:767ac53e-d227-4174-8321-762b1b9375d5", "id": "CVE-2018-5709", "source": { "name": "debian-distro-debian-12", @@ -16856,7 +16856,7 @@ ] }, { - "bom-ref": "urn:uuid:505aa74b-34a4-40b1-9b46-9eb03f6fa9f3", + "bom-ref": "urn:uuid:ae988817-c536-496d-be13-9a1c7420837d", "id": "CVE-2018-6829", "source": { "name": "debian-distro-debian-12", @@ -16889,7 +16889,7 @@ ] }, { - "bom-ref": "urn:uuid:49b93bb0-9fc3-4a12-8173-deb366adbfa1", + "bom-ref": "urn:uuid:b8450835-eab5-42d0-b938-16cd34ced360", "id": "CVE-2019-1010022", "source": { "name": "debian-distro-debian-12", @@ -16922,7 +16922,7 @@ ] }, { - "bom-ref": "urn:uuid:7c39f801-3376-4aab-8498-8eb3ce16c71e", + "bom-ref": "urn:uuid:3c253111-3c4f-4ae3-93a2-5c0f62bc0f1a", "id": "CVE-2019-1010022", "source": { "name": "debian-distro-debian-12", @@ -16955,7 +16955,7 @@ ] }, { - "bom-ref": "urn:uuid:97c30296-44c3-457f-a259-19c4b702518a", + "bom-ref": "urn:uuid:0047f721-1445-4215-bb01-830daa278af1", "id": "CVE-2019-1010023", "source": { "name": "debian-distro-debian-12", @@ -16988,7 +16988,7 @@ ] }, { - "bom-ref": "urn:uuid:973d71bc-f206-4fce-afc0-8a2a6fd3443a", + "bom-ref": "urn:uuid:681f4285-a92d-4200-bb51-a6031414e5c7", "id": "CVE-2019-1010023", "source": { "name": "debian-distro-debian-12", @@ -17021,7 +17021,7 @@ ] }, { - "bom-ref": "urn:uuid:a607ddc0-9cef-49bf-91af-8997aff8ac7a", + "bom-ref": "urn:uuid:04a896c9-12f6-497e-9830-7129b8a94cf1", "id": "CVE-2019-1010024", "source": { "name": "debian-distro-debian-12", @@ -17054,7 +17054,7 @@ ] }, { - "bom-ref": "urn:uuid:8aa41d03-d6ed-4b22-ba23-56f1e77b1288", + "bom-ref": "urn:uuid:b31d2d66-6100-4849-a0ff-52b2df98f792", "id": "CVE-2019-1010024", "source": { "name": "debian-distro-debian-12", @@ -17087,7 +17087,7 @@ ] }, { - "bom-ref": "urn:uuid:0a1aab0b-1177-4fa7-ab1e-61e6b624adbf", + "bom-ref": "urn:uuid:36475e21-a6aa-4274-a0b2-9f9d3471c26d", "id": "CVE-2019-1010025", "source": { "name": "debian-distro-debian-12", @@ -17120,7 +17120,7 @@ ] }, { - "bom-ref": "urn:uuid:3882230d-8636-4d29-ad76-de3d4db816ab", + "bom-ref": "urn:uuid:ab4d1b2f-4ebd-4509-b66c-56591c254f9c", "id": "CVE-2019-1010025", "source": { "name": "debian-distro-debian-12", @@ -17153,7 +17153,7 @@ ] }, { - "bom-ref": "urn:uuid:a8b493b3-2f40-4dca-8098-8381147147d9", + "bom-ref": "urn:uuid:5faff84b-39b8-4b87-8f8e-09b7e6628e3f", "id": "CVE-2019-19882", "source": { "name": "debian-distro-debian-12", @@ -17186,7 +17186,7 @@ ] }, { - "bom-ref": "urn:uuid:09f7118e-e341-48ca-b051-fd6964411139", + "bom-ref": "urn:uuid:ce35d16a-53b5-4395-8b3c-0278052b6538", "id": "CVE-2019-19882", "source": { "name": "debian-distro-debian-12", @@ -17219,7 +17219,7 @@ ] }, { - "bom-ref": "urn:uuid:473d8a3c-2e8b-4c47-90e5-5f4892669134", + "bom-ref": "urn:uuid:ac48e167-45d5-4148-8a41-aacde8905eb4", "id": "CVE-2019-9192", "source": { "name": "debian-distro-debian-12", @@ -17252,7 +17252,7 @@ ] }, { - "bom-ref": "urn:uuid:badaacba-c6b3-477d-9cb5-d9133c7316a0", + "bom-ref": "urn:uuid:a623e6e3-23d2-4b28-aa98-51740fd56839", "id": "CVE-2019-9192", "source": { "name": "debian-distro-debian-12", @@ -17285,7 +17285,7 @@ ] }, { - "bom-ref": "urn:uuid:4faa6b9a-e0dc-4b76-8f95-b5f860e8535b", + "bom-ref": "urn:uuid:449f2458-5b73-4b1f-8f70-4db4e3d2e16b", "id": "CVE-2021-45346", "source": { "name": "debian-distro-debian-12", @@ -17318,7 +17318,7 @@ ] }, { - "bom-ref": "urn:uuid:d6891c4f-b846-4e34-b11e-18f1b7b5195e", + "bom-ref": "urn:uuid:ee5ad240-98f2-4ff7-9404-ff9b0b671011", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17351,7 +17351,7 @@ ] }, { - "bom-ref": "urn:uuid:89a0770b-4b49-41e7-9e34-d32a0b63a261", + "bom-ref": "urn:uuid:40bfab41-a9e0-496d-8ed2-97172894a948", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17384,7 +17384,7 @@ ] }, { - "bom-ref": "urn:uuid:e003bf41-8a92-4548-a30f-7aa1b17d6863", + "bom-ref": "urn:uuid:0f75e6cb-c14b-4656-85e8-1475eac32356", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17417,7 +17417,7 @@ ] }, { - "bom-ref": "urn:uuid:5dcfd93c-b583-4b6c-9767-8f6787405220", + "bom-ref": "urn:uuid:21acdf00-31b0-4e47-b24f-bc087b813948", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17450,7 +17450,7 @@ ] }, { - "bom-ref": "urn:uuid:7335f6a2-de85-48b6-9291-9a16df51e2d4", + "bom-ref": "urn:uuid:c844b496-8be3-48cc-a4ae-b206e42dc080", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17483,7 +17483,7 @@ ] }, { - "bom-ref": "urn:uuid:098e745c-d5c9-49cd-98af-066de1a87544", + "bom-ref": "urn:uuid:5c654aa8-0883-433b-969a-c5c30ceb0341", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17516,7 +17516,7 @@ ] }, { - "bom-ref": "urn:uuid:abc34933-1773-406b-b40f-e8ac59e4fe2a", + "bom-ref": "urn:uuid:bfdb4e91-0a37-4ea0-9980-374e63589440", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17549,7 +17549,7 @@ ] }, { - "bom-ref": "urn:uuid:5585ae69-1d0c-4cc5-b4bc-17c0893115c8", + "bom-ref": "urn:uuid:632c49c3-ff15-4dea-a26a-987a66c6e494", "id": "CVE-2022-0563", "source": { "name": "debian-distro-debian-12", @@ -17582,7 +17582,7 @@ ] }, { - "bom-ref": "urn:uuid:4235275d-93dc-497f-a976-8f545e247348", + "bom-ref": "urn:uuid:1c2a42d5-8f61-4f9c-9a85-0ee73588bf7f", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -17615,7 +17615,7 @@ ] }, { - "bom-ref": "urn:uuid:150ea91d-7e83-44f8-bb6d-6dbcf0e74844", + "bom-ref": "urn:uuid:a9cb71a8-644e-4703-8a65-b2a94d2594ee", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -17648,7 +17648,7 @@ ] }, { - "bom-ref": "urn:uuid:2f6983cb-e3fb-439c-b4f2-15528d8b77dd", + "bom-ref": "urn:uuid:6522f521-b783-468f-a3d1-1c17d8a3a179", "id": "CVE-2022-27943", "source": { "name": "debian-distro-debian-12", @@ -17681,7 +17681,7 @@ ] }, { - "bom-ref": "urn:uuid:0d56d7eb-d753-4d5f-8d32-879b71543f77", + "bom-ref": "urn:uuid:8e010fb8-001f-4947-9189-8ce865762cf3", "id": "CVE-2022-3219", "source": { "name": "debian-distro-debian-12", @@ -17714,7 +17714,7 @@ ] }, { - "bom-ref": "urn:uuid:bad1b473-93c5-4529-93d0-a233e0017c31", + "bom-ref": "urn:uuid:ce3c9acd-f97a-47f5-8766-3faeb1bd9735", "id": "CVE-2023-27043", "source": { "name": "nvd-cpe", @@ -17816,7 +17816,7 @@ ] }, { - "bom-ref": "urn:uuid:a1365a45-a980-4505-a40c-b5295c8683fb", + "bom-ref": "urn:uuid:8c8cf450-fe55-47d8-859f-ca3dd9196d55", "id": "CVE-2023-29383", "source": { "name": "debian-distro-debian-12", @@ -17849,7 +17849,7 @@ ] }, { - "bom-ref": "urn:uuid:d4266073-4644-48de-8737-726f21a113e0", + "bom-ref": "urn:uuid:141a9b86-94bd-4730-8d3b-3a3068639326", "id": "CVE-2023-29383", "source": { "name": "debian-distro-debian-12", @@ -17882,7 +17882,7 @@ ] }, { - "bom-ref": "urn:uuid:798d1857-92f4-4576-bf29-97959d7f6535", + "bom-ref": "urn:uuid:3cb308b1-2583-491e-8415-ccea774afb82", "id": "CVE-2023-31437", "source": { "name": "debian-distro-debian-12", @@ -17915,7 +17915,7 @@ ] }, { - "bom-ref": "urn:uuid:3eaf7640-b4d9-496c-99c2-4b72673b5fdf", + "bom-ref": "urn:uuid:9214ba21-36ea-451b-8f92-ba152e8b503a", "id": "CVE-2023-31437", "source": { "name": "debian-distro-debian-12", @@ -17948,7 +17948,7 @@ ] }, { - "bom-ref": "urn:uuid:4c8c023a-22c0-4600-902c-8dc5082d2504", + "bom-ref": "urn:uuid:9c7594d8-6273-46b9-b516-7578ad86de9a", "id": "CVE-2023-31438", "source": { "name": "debian-distro-debian-12", @@ -17981,7 +17981,7 @@ ] }, { - "bom-ref": "urn:uuid:573a8b1a-7c7d-485b-818b-7877794cf03b", + "bom-ref": "urn:uuid:3055066a-45f6-4055-9b84-7c11de205bf7", "id": "CVE-2023-31438", "source": { "name": "debian-distro-debian-12", @@ -18014,7 +18014,7 @@ ] }, { - "bom-ref": "urn:uuid:2b475bb9-df62-4ba7-a4b3-87475adef26b", + "bom-ref": "urn:uuid:c8d34cfe-2966-4837-b9e6-d33aa153ea23", "id": "CVE-2023-31439", "source": { "name": "debian-distro-debian-12", @@ -18047,7 +18047,7 @@ ] }, { - "bom-ref": "urn:uuid:01cfe277-b891-4a1d-b0df-b1642d89f55b", + "bom-ref": "urn:uuid:2b063a80-328c-488f-8e7c-c8d383e63629", "id": "CVE-2023-31439", "source": { "name": "debian-distro-debian-12", @@ -18080,7 +18080,7 @@ ] }, { - "bom-ref": "urn:uuid:a75fff30-50fd-4fc3-9274-e6d898dd98fd", + "bom-ref": "urn:uuid:f31f13af-784e-40cf-a800-b507605640bd", "id": "CVE-2023-31484", "source": { "name": "debian-distro-debian-12", @@ -18113,7 +18113,7 @@ ] }, { - "bom-ref": "urn:uuid:4ac85937-1211-4ced-b40f-770600d84166", + "bom-ref": "urn:uuid:809b6565-e13f-4e75-8f2d-8ef5b2c68eea", "id": "CVE-2023-31486", "source": { "name": "debian-distro-debian-12", @@ -18146,7 +18146,7 @@ ] }, { - "bom-ref": "urn:uuid:e03bb462-3b95-4ea4-b5ce-6608255117b1", + "bom-ref": "urn:uuid:5e307ec0-6b04-4f23-b801-a8660dff99f4", "id": "CVE-2023-36632", "source": { "name": "nvd-cpe", @@ -18191,7 +18191,7 @@ ] }, { - "bom-ref": "urn:uuid:611d92e7-02c9-4192-be71-dbd3cee00de3", + "bom-ref": "urn:uuid:91579afd-106d-49a8-91b8-56add8ea51a2", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -18224,7 +18224,7 @@ ] }, { - "bom-ref": "urn:uuid:adb53c17-7a4e-4143-8d12-9993e79f4bf4", + "bom-ref": "urn:uuid:1b3db147-0f21-471b-82f5-95db66cc8eee", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -18257,7 +18257,7 @@ ] }, { - "bom-ref": "urn:uuid:6db07534-3251-4cbd-91a3-5ddbdcdee183", + "bom-ref": "urn:uuid:e6388749-bae5-4894-82c1-2106d5d80c83", "id": "CVE-2023-4039", "source": { "name": "debian-distro-debian-12", @@ -18290,7 +18290,7 @@ ] }, { - "bom-ref": "urn:uuid:c86fbd34-ba88-4e90-a53b-4ca07958462c", + "bom-ref": "urn:uuid:ea46b3fb-a8d1-49fd-9e2b-f5f66131e533", "id": "CVE-2023-45853", "source": { "name": "debian-distro-debian-12", @@ -18323,7 +18323,7 @@ ] }, { - "bom-ref": "urn:uuid:030cee6d-f44a-4818-a0ce-1022a02b47e1", + "bom-ref": "urn:uuid:85dc91a1-ec61-462a-a1b5-e8f863697497", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -18356,7 +18356,7 @@ ] }, { - "bom-ref": "urn:uuid:f588b295-1762-4d9b-8951-bba0fba9c089", + "bom-ref": "urn:uuid:8a6c9b93-8d75-4f56-854d-903d6b096a41", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -18389,7 +18389,7 @@ ] }, { - "bom-ref": "urn:uuid:c0bcc329-83c7-423e-adb5-a26bf226045b", + "bom-ref": "urn:uuid:b01867cd-81ca-48bd-839f-a01b36fa8562", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -18422,7 +18422,7 @@ ] }, { - "bom-ref": "urn:uuid:708a36a1-ba30-4f0c-b8ac-0dff41ddbed0", + "bom-ref": "urn:uuid:3a057557-5559-4821-9657-480209089de9", "id": "CVE-2023-45918", "source": { "name": "debian-distro-debian-12", @@ -18455,7 +18455,7 @@ ] }, { - "bom-ref": "urn:uuid:049fb52b-d6c7-4a9f-83c1-25d8f1ac7d2c", + "bom-ref": "urn:uuid:7dd26dbb-7fce-4765-b849-4aa7bbffd9bd", "id": "CVE-2023-4641", "source": { "name": "debian-distro-debian-12", @@ -18488,7 +18488,7 @@ ] }, { - "bom-ref": "urn:uuid:b17c4d04-98b8-47c3-89f5-dc2a2db9fb6e", + "bom-ref": "urn:uuid:ce0d3157-f7a3-45b9-b0ce-8ddc37585454", "id": "CVE-2023-4641", "source": { "name": "debian-distro-debian-12", @@ -18521,7 +18521,7 @@ ] }, { - "bom-ref": "urn:uuid:78fc8774-d168-4c9c-b72e-79060faa5dee", + "bom-ref": "urn:uuid:fd1ebae6-d9cf-475c-b776-193c2ff20b5c", "id": "CVE-2023-50387", "source": { "name": "debian-distro-debian-12", @@ -18554,7 +18554,7 @@ ] }, { - "bom-ref": "urn:uuid:12cc4cc8-9734-4e5c-bbf5-5ea53e09caf3", + "bom-ref": "urn:uuid:638cb2d1-0218-476c-bee2-acb79ab3962f", "id": "CVE-2023-50387", "source": { "name": "debian-distro-debian-12", @@ -18587,7 +18587,7 @@ ] }, { - "bom-ref": "urn:uuid:d54d3582-13a5-4610-9786-f62c6d99c09b", + "bom-ref": "urn:uuid:6869ec56-b41d-4c00-be5c-dbacba004a42", "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", @@ -18620,7 +18620,7 @@ ] }, { - "bom-ref": "urn:uuid:be71e65f-c4fb-49fa-9203-fdb7d5a10ded", + "bom-ref": "urn:uuid:c917e5b8-d5fa-4e86-847e-f86b2440769f", "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", @@ -18653,7 +18653,7 @@ ] }, { - "bom-ref": "urn:uuid:5ba3dc49-c6fe-45ab-9135-116606dba9c3", + "bom-ref": "urn:uuid:b56e7cf1-0621-43be-84c7-b845da663a80", "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", @@ -18686,7 +18686,7 @@ ] }, { - "bom-ref": "urn:uuid:d84c0fe0-e014-4ad8-ba49-fc1504b3fd98", + "bom-ref": "urn:uuid:3b2edcc7-ea62-4cc0-bf69-e56ffacc1b70", "id": "CVE-2023-50495", "source": { "name": "debian-distro-debian-12", @@ -18719,7 +18719,7 @@ ] }, { - "bom-ref": "urn:uuid:343cc7f9-3306-4e48-9b26-b9e61862e220", + "bom-ref": "urn:uuid:d281d9cf-490f-462b-abc2-04b3c92c5b04", "id": "CVE-2023-50868", "source": { "name": "debian-distro-debian-12", @@ -18752,7 +18752,7 @@ ] }, { - "bom-ref": "urn:uuid:388f6c75-c3da-44bc-8dac-5adb6faa5166", + "bom-ref": "urn:uuid:54a4b006-7c5b-48eb-a74d-2bf6f4a13471", "id": "CVE-2023-50868", "source": { "name": "debian-distro-debian-12", @@ -18785,7 +18785,7 @@ ] }, { - "bom-ref": "urn:uuid:fc455c49-a38f-4fc2-a55a-e38ae5dacfa2", + "bom-ref": "urn:uuid:b0d17a8d-1acf-46a5-8f07-fec8e6c48faf", "id": "CVE-2023-52425", "source": { "name": "debian-distro-debian-12", @@ -18818,7 +18818,7 @@ ] }, { - "bom-ref": "urn:uuid:7a00d0fc-a3e1-44b8-8d25-facc902f0e2d", + "bom-ref": "urn:uuid:12b2ce51-4e1e-485b-9887-9f583e4161f1", "id": "CVE-2023-52426", "source": { "name": "debian-distro-debian-12", @@ -18851,7 +18851,7 @@ ] }, { - "bom-ref": "urn:uuid:654baed7-fa82-4c17-9d1d-4b6c39e12859", + "bom-ref": "urn:uuid:22bd82e8-355e-437b-ae98-b2aaf9b48c6e", "id": "CVE-2023-5678", "source": { "name": "debian-distro-debian-12", @@ -18884,7 +18884,7 @@ ] }, { - "bom-ref": "urn:uuid:76532427-c4a4-4847-823c-50b0b0fb99c8", + "bom-ref": "urn:uuid:215925d1-ea29-4869-8749-37a838efe68e", "id": "CVE-2023-5678", "source": { "name": "debian-distro-debian-12", @@ -18917,7 +18917,7 @@ ] }, { - "bom-ref": "urn:uuid:c1f47305-7b47-42f1-ab99-a62621c99f19", + "bom-ref": "urn:uuid:b90b8bc6-0617-4b49-886d-17e6c189d4c4", "id": "CVE-2023-6129", "source": { "name": "debian-distro-debian-12", @@ -18950,7 +18950,7 @@ ] }, { - "bom-ref": "urn:uuid:86449429-7608-47e4-a571-5e52d4b07532", + "bom-ref": "urn:uuid:858e2c8e-79d1-4c2d-ad71-c67a279cc6a6", "id": "CVE-2023-6129", "source": { "name": "debian-distro-debian-12", @@ -18983,7 +18983,7 @@ ] }, { - "bom-ref": "urn:uuid:04719495-8a9f-4444-aa9c-003bce816575", + "bom-ref": "urn:uuid:ba506251-643f-4aed-b752-cb69171741eb", "id": "CVE-2023-6237", "source": { "name": "debian-distro-debian-12", @@ -19016,7 +19016,7 @@ ] }, { - "bom-ref": "urn:uuid:235c21d9-fe7f-45e3-a11c-5d1f8b6a44b3", + "bom-ref": "urn:uuid:69066fb8-51b1-4d30-84c5-f396ce78c23d", "id": "CVE-2023-6237", "source": { "name": "debian-distro-debian-12", @@ -19049,7 +19049,7 @@ ] }, { - "bom-ref": "urn:uuid:2b04b6c3-fc89-424b-85b7-7d783150aa44", + "bom-ref": "urn:uuid:ae18ae7c-ed5e-477d-a3ee-cb4f6d24fe90", "id": "CVE-2023-7104", "source": { "name": "debian-distro-debian-12", @@ -19082,7 +19082,7 @@ ] }, { - "bom-ref": "urn:uuid:dcf61209-1e26-4010-8b3a-2f88613c1dd8", + "bom-ref": "urn:uuid:f3493821-52cd-4b36-80e1-8e933d2aa9e9", "id": "CVE-2024-0232", "source": { "name": "debian-distro-debian-12", @@ -19115,7 +19115,7 @@ ] }, { - "bom-ref": "urn:uuid:fd9417fc-7a79-40e4-8498-b5d3783b0552", + "bom-ref": "urn:uuid:81c8a033-ea21-4a78-b299-4f66db599eb9", "id": "CVE-2024-0397", "source": { "name": "nvd-cpe", @@ -19132,7 +19132,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 7.4, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "description": "A defect was discovered in the Python “ssl” module where there is a memory\nrace condition with the ssl.SSLContext methods “cert_store_stats()” and\n“get_ca_certs()”. The race condition can be triggered if the methods are\ncalled at the same time as certificates are loaded into the SSLContext,\nsuch as during the TLS handshake with a certificate directory configured.\nThis issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.", @@ -19175,7 +19178,7 @@ ] }, { - "bom-ref": "urn:uuid:946bb28f-d825-427e-a6a8-599f5f3a4cab", + "bom-ref": "urn:uuid:60e8c8d5-aeda-4ff8-9f63-4947ed67163f", "id": "CVE-2024-0727", "source": { "name": "debian-distro-debian-12", @@ -19208,7 +19211,7 @@ ] }, { - "bom-ref": "urn:uuid:e88fd726-d2e8-401c-aca4-fb8d4d4bdda6", + "bom-ref": "urn:uuid:14db9fa5-b13a-4d1a-821c-7c3312cf1044", "id": "CVE-2024-0727", "source": { "name": "debian-distro-debian-12", @@ -19241,7 +19244,7 @@ ] }, { - "bom-ref": "urn:uuid:324e1a26-bbe6-4aa0-af8a-2b706a819cf0", + "bom-ref": "urn:uuid:dad3bf20-95f0-44f5-9ab3-e3a57cb3b526", "id": "CVE-2024-2236", "source": { "name": "debian-distro-debian-12", @@ -19274,7 +19277,7 @@ ] }, { - "bom-ref": "urn:uuid:607da6dd-bf65-4d08-819e-b066cb410de9", + "bom-ref": "urn:uuid:881d2cf7-b177-4dda-be21-a4c41576a419", "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", @@ -19307,7 +19310,7 @@ ] }, { - "bom-ref": "urn:uuid:6de10893-e675-4206-ab2f-06e0b64de07f", + "bom-ref": "urn:uuid:415852ae-854a-456a-9d84-06013f7c30d3", "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", @@ -19340,7 +19343,7 @@ ] }, { - "bom-ref": "urn:uuid:d11fd069-43ad-46e3-974b-5fa750a5de21", + "bom-ref": "urn:uuid:709afc4b-9ad3-4038-bf73-2ed99cb973b4", "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", @@ -19373,7 +19376,7 @@ ] }, { - "bom-ref": "urn:uuid:e776f3ba-d53d-4ac0-bbd8-1ab02deff0c4", + "bom-ref": "urn:uuid:9c28b5e5-6280-4f7e-834e-594105ea0674", "id": "CVE-2024-22365", "source": { "name": "debian-distro-debian-12", @@ -19406,7 +19409,7 @@ ] }, { - "bom-ref": "urn:uuid:b8682ba7-5f8c-41d4-abd6-fb8d1699e80f", + "bom-ref": "urn:uuid:f8c0fb4e-bc96-4343-8b85-0c9c2c87c040", "id": "CVE-2024-2511", "source": { "name": "debian-distro-debian-12", @@ -19439,7 +19442,7 @@ ] }, { - "bom-ref": "urn:uuid:3a4ceedc-e05a-401f-a357-1128a6e8adde", + "bom-ref": "urn:uuid:f7782e0d-bfa7-4aff-964a-f40bc4beaafc", "id": "CVE-2024-2511", "source": { "name": "debian-distro-debian-12", @@ -19472,7 +19475,7 @@ ] }, { - "bom-ref": "urn:uuid:70724e47-dbec-4eca-ba39-8b81c82b2865", + "bom-ref": "urn:uuid:3e893eed-26d5-4c61-8b01-3314a5ccfa9a", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -19505,7 +19508,7 @@ ] }, { - "bom-ref": "urn:uuid:15d4ffa6-d201-400e-be84-d2cb562d8b08", + "bom-ref": "urn:uuid:a15289b6-5bee-4b3d-8bcb-abe4c2e09580", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -19538,7 +19541,7 @@ ] }, { - "bom-ref": "urn:uuid:19ebb425-c2f9-448c-a5b9-dca48d2f9395", + "bom-ref": "urn:uuid:bc206e65-510f-476b-97d0-b9499971b766", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -19571,7 +19574,7 @@ ] }, { - "bom-ref": "urn:uuid:907246db-eabf-4883-9446-f0f4d3180bc2", + "bom-ref": "urn:uuid:b8fcf569-ada6-4591-a168-c90c8132acbf", "id": "CVE-2024-26458", "source": { "name": "debian-distro-debian-12", @@ -19604,7 +19607,7 @@ ] }, { - "bom-ref": "urn:uuid:33e041f0-bc11-4729-8fed-362b21c8d599", + "bom-ref": "urn:uuid:50015542-34fb-4ea7-ae0a-977cb55a90e6", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -19637,7 +19640,7 @@ ] }, { - "bom-ref": "urn:uuid:eaaa5453-99c2-49f6-8dc3-7a4657ff2f37", + "bom-ref": "urn:uuid:68d6672f-201c-49bc-bb07-c52c5f0e72fb", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -19670,7 +19673,7 @@ ] }, { - "bom-ref": "urn:uuid:96b0b071-b755-4487-aa1e-f043a23c8fe5", + "bom-ref": "urn:uuid:c965e67f-3c39-4ab3-a26c-608d359814db", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -19703,7 +19706,7 @@ ] }, { - "bom-ref": "urn:uuid:54fde1c6-37c9-47e1-ab1d-2fae0da4db95", + "bom-ref": "urn:uuid:a32b34bf-ade2-4b6e-82c4-5dd84ad6f6a6", "id": "CVE-2024-26461", "source": { "name": "debian-distro-debian-12", @@ -19736,7 +19739,7 @@ ] }, { - "bom-ref": "urn:uuid:b898e552-cd66-4f2f-a86e-781048fb07ae", + "bom-ref": "urn:uuid:aee69a63-f619-4583-b0c4-f6b772146652", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -19769,7 +19772,7 @@ ] }, { - "bom-ref": "urn:uuid:3d062f39-cbfd-4a0d-88b3-ce4cba3e057e", + "bom-ref": "urn:uuid:40866779-e963-4c53-962e-d5b036fb7ca0", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -19802,7 +19805,7 @@ ] }, { - "bom-ref": "urn:uuid:31550b66-528c-4747-ab22-f693e4bc2e64", + "bom-ref": "urn:uuid:2811057b-ba57-4008-bdd5-7c3e2d688dfc", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -19835,7 +19838,7 @@ ] }, { - "bom-ref": "urn:uuid:23d4fec2-7e47-4eb4-8f46-7cf852e41178", + "bom-ref": "urn:uuid:08c8dec4-2258-4d07-91f2-2e08fb2b0d94", "id": "CVE-2024-26462", "source": { "name": "debian-distro-debian-12", @@ -19868,7 +19871,7 @@ ] }, { - "bom-ref": "urn:uuid:0b9689c5-3eaa-4da4-8221-1f4f03775f46", + "bom-ref": "urn:uuid:2525321f-871a-413b-ade2-8cfb8d749e6f", "id": "CVE-2024-28757", "source": { "name": "debian-distro-debian-12", @@ -19901,7 +19904,7 @@ ] }, { - "bom-ref": "urn:uuid:1d6ec03b-c559-427f-a219-975a23b75fec", + "bom-ref": "urn:uuid:beaacc96-0890-4300-b769-63d35b5f140b", "id": "CVE-2024-28834", "source": { "name": "debian-distro-debian-12", @@ -19934,7 +19937,7 @@ ] }, { - "bom-ref": "urn:uuid:a15289c0-a9a3-4831-9205-5b39a407c4d9", + "bom-ref": "urn:uuid:3a2a8b6d-4627-4a0f-927e-1025b120c3a2", "id": "CVE-2024-28835", "source": { "name": "debian-distro-debian-12", @@ -19967,7 +19970,7 @@ ] }, { - "bom-ref": "urn:uuid:585fd42c-0a2a-4fa0-8adb-f0ad2f67c383", + "bom-ref": "urn:uuid:2d730b93-84ff-45c4-adc0-7d7ea9591b97", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -19987,6 +19990,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -19999,7 +20003,7 @@ ] }, { - "bom-ref": "urn:uuid:1e2dde39-40b1-412c-9db7-a51cb76fd1ba", + "bom-ref": "urn:uuid:a1bb1c0b-c94b-49e7-86ce-adaa49a31bc8", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -20019,6 +20023,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -20031,7 +20036,7 @@ ] }, { - "bom-ref": "urn:uuid:05cb107a-5f92-4cc1-b4e5-037d8b5e3c5d", + "bom-ref": "urn:uuid:6a5827d4-3c01-4b37-a9a8-8e273a940e10", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -20051,6 +20056,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -20063,7 +20069,7 @@ ] }, { - "bom-ref": "urn:uuid:db27260c-213e-439a-a86f-3029e36634e9", + "bom-ref": "urn:uuid:c19aea52-8dbd-416a-b53b-a743759879e6", "id": "CVE-2024-37370", "source": { "name": "debian-distro-debian-12", @@ -20083,6 +20089,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37370" @@ -20095,7 +20102,7 @@ ] }, { - "bom-ref": "urn:uuid:cff05f3e-83a9-4862-8a16-6712b225253a", + "bom-ref": "urn:uuid:7f0d6a26-5b20-43b9-84c8-c66b2dcc2be8", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -20115,6 +20122,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -20127,7 +20135,7 @@ ] }, { - "bom-ref": "urn:uuid:45e60a3d-733a-4027-86fa-8abca109310a", + "bom-ref": "urn:uuid:27c9609a-9492-4cd7-b6ca-12ce4253015e", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -20147,6 +20155,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -20159,7 +20168,7 @@ ] }, { - "bom-ref": "urn:uuid:25bc6cca-930f-4149-af99-4e11c1188d57", + "bom-ref": "urn:uuid:659d91a1-931e-472f-8617-2d204fc285ad", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -20179,6 +20188,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -20191,7 +20201,7 @@ ] }, { - "bom-ref": "urn:uuid:0a1894fa-22df-4922-920a-18f77b575fdc", + "bom-ref": "urn:uuid:6839ec84-4195-45a0-9769-c11a9a283ea0", "id": "CVE-2024-37371", "source": { "name": "debian-distro-debian-12", @@ -20211,6 +20221,7 @@ "severity": "unknown" } ], + "description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-37371" @@ -20223,7 +20234,7 @@ ] }, { - "bom-ref": "urn:uuid:fd1b8893-4773-4baf-addd-0d65bcff4f12", + "bom-ref": "urn:uuid:48277697-89cc-4350-b9e4-554127194acc", "id": "CVE-2024-4030", "source": { "name": "nvd-cpe", @@ -20240,7 +20251,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 7.1, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "description": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix “700” for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.\n", @@ -20295,7 +20309,7 @@ ] }, { - "bom-ref": "urn:uuid:d446e9ef-a1e7-4719-a53f-69d60a975729", + "bom-ref": "urn:uuid:52bffc72-b5f7-4ecc-beec-9073b0ea51c4", "id": "CVE-2024-4032", "source": { "name": "nvd-cpe", @@ -20361,7 +20375,7 @@ ] }, { - "bom-ref": "urn:uuid:9351f301-0a61-45a8-b2b7-39eba3300964", + "bom-ref": "urn:uuid:b218a439-a05b-4a87-b91c-3dec6671f20a", "id": "CVE-2024-4603", "source": { "name": "debian-distro-debian-12", @@ -20394,7 +20408,7 @@ ] }, { - "bom-ref": "urn:uuid:faa0d2b7-b77b-4375-b1fb-0b3adef6bca3", + "bom-ref": "urn:uuid:fd044f6a-68bf-41be-a17f-c96246fc50c1", "id": "CVE-2024-4603", "source": { "name": "debian-distro-debian-12", @@ -20427,7 +20441,7 @@ ] }, { - "bom-ref": "urn:uuid:e0a25d2a-9efd-4133-80ae-95dcae34f86f", + "bom-ref": "urn:uuid:db145402-1678-4e23-b734-36158eee8b55", "id": "CVE-2024-4741", "source": { "name": "debian-distro-debian-12", @@ -20459,7 +20473,7 @@ ] }, { - "bom-ref": "urn:uuid:258c4701-6591-4a7a-80c0-f6236bcafc2e", + "bom-ref": "urn:uuid:3c13e4a3-fc06-4539-939c-1e0ee67a6ebd", "id": "CVE-2024-4741", "source": { "name": "debian-distro-debian-12", @@ -20491,7 +20505,7 @@ ] }, { - "bom-ref": "urn:uuid:eb48791a-edc4-4e8d-8adf-86ad67915828", + "bom-ref": "urn:uuid:34a3f15f-8038-406f-bd18-eea00174e4ee", "id": "CVE-2024-5535", "source": { "name": "debian-distro-debian-12", @@ -20508,9 +20522,10 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "critical" } ], + "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-5535" @@ -20523,7 +20538,7 @@ ] }, { - "bom-ref": "urn:uuid:7fca8e1d-3940-4a98-963d-d0e2af126e61", + "bom-ref": "urn:uuid:bf41897b-b855-44cb-a482-d5f0128b519c", "id": "CVE-2024-5535", "source": { "name": "debian-distro-debian-12", @@ -20540,9 +20555,10 @@ ], "ratings": [ { - "severity": "unknown" + "severity": "critical" } ], + "description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.", "advisories": [ { "url": "https://security-tracker.debian.org/tracker/CVE-2024-5535" @@ -20555,7 +20571,55 @@ ] }, { - "bom-ref": "urn:uuid:50670c1b-ae18-4c28-9a4e-eb4862b24e3e", + "bom-ref": "urn:uuid:9d22b05f-36d1-4626-8526-9d48174abc51", + "id": "CVE-2024-5642", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642" + }, + "references": [ + { + "id": "CVE-2024-5642", + "source": { + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "description": "CPython 3.9 and earlier doesn't disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured).", + "advisories": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/06/28/4" + }, + { + "url": "https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e" + }, + { + "url": "https://github.com/python/cpython/issues/121227" + }, + { + "url": "https://github.com/python/cpython/pull/23014" + }, + { + "url": "https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html" + }, + { + "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/" + } + ], + "affects": [ + { + "ref": "pkg:generic/python@3.9.19?package-id=20567ecc1ca60fb2" + } + ] + }, + { + "bom-ref": "urn:uuid:8119763a-d88a-4019-a6e0-acfafd40df3c", "id": "GHSA-mq26-g339-26xf", "source": { "name": "github-language-python", @@ -20591,7 +20655,7 @@ ] }, { - "bom-ref": "urn:uuid:6775f2dc-1092-49af-91ff-d639f74c1b02", + "bom-ref": "urn:uuid:ae973185-939b-43a9-8528-d24cca22fdc7", "id": "GHSA-r9hx-vwmv-q579", "source": { "name": "github-language-python", diff --git a/sboms/ghcr.io_element-hq_docker-clamav:1.1-patch2.json b/sboms/ghcr.io_element-hq_docker-clamav:1.1-patch2.json index 7a38c89..e568fe4 100644 --- a/sboms/ghcr.io_element-hq_docker-clamav:1.1-patch2.json +++ b/sboms/ghcr.io_element-hq_docker-clamav:1.1-patch2.json @@ -1,18 +1,18 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:2098606c-645e-4e9d-9ba7-d17c06b8c69b", + "specVersion": "1.6", + "serialNumber": "urn:uuid:10406cd8-fe47-4e3d-bd17-7ca2e8f2f806", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:54:30Z", + "timestamp": "2024-07-05T11:45:58Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, @@ -3924,7 +3924,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:8885c18f-dd63-42f7-b0f1-c98facd23d34", + "bom-ref": "urn:uuid:620ae34d-31db-41f5-b1f3-d7c9c534e823", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.19", @@ -3956,7 +3956,7 @@ ] }, { - "bom-ref": "urn:uuid:f9c6e4bf-09e7-4485-b6ad-1027203c1e1c", + "bom-ref": "urn:uuid:f07ef2ac-53e3-4f19-80cb-a1ade67fc58d", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.19", @@ -3988,7 +3988,7 @@ ] }, { - "bom-ref": "urn:uuid:a498de8e-3d50-478c-bec3-e205896b643a", + "bom-ref": "urn:uuid:e4b9f00b-b5e2-4583-9beb-ea3390515da0", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.19", @@ -4020,7 +4020,7 @@ ] }, { - "bom-ref": "urn:uuid:d6fb1bac-cf59-4735-b361-0989d1bfab6b", + "bom-ref": "urn:uuid:b62c8232-d628-4ed8-9aa3-0f13105401de", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.19", @@ -4052,7 +4052,7 @@ ] }, { - "bom-ref": "urn:uuid:0d66b7dd-bed3-4aab-a6b6-73e6959ae2c5", + "bom-ref": "urn:uuid:35150328-bb6a-48e2-aa75-9f467aa2ee27", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.19", @@ -4084,7 +4084,7 @@ ] }, { - "bom-ref": "urn:uuid:128d11dd-904d-49d6-a798-bc02d8a84558", + "bom-ref": "urn:uuid:cbf41751-6c33-497f-9ab1-0bf95340c7be", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.19", @@ -4116,7 +4116,7 @@ ] }, { - "bom-ref": "urn:uuid:078bf6d9-7de3-422f-8c4d-3de67d45f3ae", + "bom-ref": "urn:uuid:fb55faed-cbb8-4d9e-a561-474eeb5913fe", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.19", @@ -4148,7 +4148,7 @@ ] }, { - "bom-ref": "urn:uuid:057c8fca-4c9f-43ab-afbb-ca00685045e8", + "bom-ref": "urn:uuid:cf95d111-7bab-470e-a07b-cd71ac87a793", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.19", @@ -4180,7 +4180,7 @@ ] }, { - "bom-ref": "urn:uuid:549928c8-63bb-442b-b7d8-c5651ff4abe4", + "bom-ref": "urn:uuid:4a6a47a9-04e2-47aa-9322-b5a2eb25106d", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.19", @@ -4212,7 +4212,7 @@ ] }, { - "bom-ref": "urn:uuid:2c8be4b0-5b76-4fbc-ab80-5f584a8c446c", + "bom-ref": "urn:uuid:461d52fb-1c57-4826-8edf-b6243f97aa4a", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.19", @@ -4244,7 +4244,7 @@ ] }, { - "bom-ref": "urn:uuid:87213037-98e3-4241-bbec-0a7a581d7605", + "bom-ref": "urn:uuid:aad2b337-3866-48d8-8d69-dbbe3629c7aa", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.19", @@ -4276,7 +4276,7 @@ ] }, { - "bom-ref": "urn:uuid:cf422d92-4432-499b-b402-a062d5db4d43", + "bom-ref": "urn:uuid:dbf5e314-450b-41a0-8b83-00596e37acb0", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.19", @@ -4308,7 +4308,7 @@ ] }, { - "bom-ref": "urn:uuid:7172660b-a795-4365-a95b-36054b581e58", + "bom-ref": "urn:uuid:81b4988f-b5d7-4b0c-8187-b3b6410d337f", "id": "CVE-2024-25062", "source": { "name": "alpine-distro-alpine-3.19", @@ -4340,7 +4340,7 @@ ] }, { - "bom-ref": "urn:uuid:9c1535a7-86ac-4723-8b68-37817e8bae1d", + "bom-ref": "urn:uuid:bf18f277-93a4-4a33-9a8c-6945a0ed543c", "id": "CVE-2024-2511", "source": { "name": "alpine-distro-alpine-3.19", @@ -4372,7 +4372,7 @@ ] }, { - "bom-ref": "urn:uuid:b2adaf72-7030-4c64-b6e2-b44d9f0f5919", + "bom-ref": "urn:uuid:7e35d7d2-2906-4f25-9c59-300d6fa9aea5", "id": "CVE-2024-2511", "source": { "name": "alpine-distro-alpine-3.19", @@ -4404,7 +4404,7 @@ ] }, { - "bom-ref": "urn:uuid:df26b251-4f91-4e7d-8b6c-84031cb6afa1", + "bom-ref": "urn:uuid:e91318fa-a70c-4a08-90f9-aec4bd65f31d", "id": "CVE-2024-25629", "source": { "name": "alpine-distro-alpine-3.19", @@ -4436,7 +4436,7 @@ ] }, { - "bom-ref": "urn:uuid:65035966-3bfa-4026-bc6b-b9d26e78dbfc", + "bom-ref": "urn:uuid:c734564d-fcf7-422e-b7e3-a899e8d659c1", "id": "CVE-2024-28182", "source": { "name": "nvd-cpe", @@ -4493,7 +4493,7 @@ ] }, { - "bom-ref": "urn:uuid:2ef08f61-b138-4b0f-b898-a6e1f6eca845", + "bom-ref": "urn:uuid:95c49e2f-564e-4514-81b6-8cc63230c3ef", "id": "CVE-2024-34459", "source": { "name": "alpine-distro-alpine-3.19", @@ -4525,7 +4525,7 @@ ] }, { - "bom-ref": "urn:uuid:7671e4a6-d9aa-4000-a244-28aaa37e654a", + "bom-ref": "urn:uuid:74eb3930-90e8-471b-bb49-3ae879ac606f", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.19", @@ -4557,7 +4557,7 @@ ] }, { - "bom-ref": "urn:uuid:2243c3f4-ff6f-4cbb-a203-6a5b12b690b9", + "bom-ref": "urn:uuid:5fe44760-54ab-4d03-8035-d39d2caae786", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.19", @@ -4587,6 +4587,134 @@ "ref": "pkg:apk/alpine/libssl3@3.1.4-r5?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=5f7aa9549ece55ec" } ] + }, + { + "bom-ref": "urn:uuid:7de815d2-5bae-4499-931f-f84b6a70c1ef", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.4-r5?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=371d9115be79e528" + } + ] + }, + { + "bom-ref": "urn:uuid:436a3aa5-6ce8-4549-85c9-fe9ec9d4c179", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.1.4-r5?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=5f7aa9549ece55ec" + } + ] + }, + { + "bom-ref": "urn:uuid:187f4c25-0a85-4286-9d03-60fe451620fa", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.4-r5?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=371d9115be79e528" + } + ] + }, + { + "bom-ref": "urn:uuid:f6e54a3b-8bc6-4453-9eb0-5b5a91c2c8f6", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.19", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.1.4-r5?arch=x86_64&upstream=openssl&distro=alpine-3.19.1&package-id=5f7aa9549ece55ec" + } + ] } ] } diff --git a/sboms/ghcr.io_element-hq_docker-icap:core-0.5.10-mod-0.5.5-patch2.json b/sboms/ghcr.io_element-hq_docker-icap:core-0.5.10-mod-0.5.5-patch2.json index 4765ec5..2a10c18 100644 --- a/sboms/ghcr.io_element-hq_docker-icap:core-0.5.10-mod-0.5.5-patch2.json +++ b/sboms/ghcr.io_element-hq_docker-icap:core-0.5.10-mod-0.5.5-patch2.json @@ -1,18 +1,18 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:40ec350f-9019-49c7-8e65-ba5d2a19164a", + "specVersion": "1.6", + "serialNumber": "urn:uuid:51dacdb3-4bfa-424f-944d-0a9a41b35f0c", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:54:32Z", + "timestamp": "2024-07-05T11:46:00Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, @@ -2370,7 +2370,7 @@ ], "vulnerabilities": [ { - "bom-ref": "urn:uuid:1ff419b0-f356-4d6f-9351-284bd1009cbd", + "bom-ref": "urn:uuid:8881ae74-496e-4168-86c8-323974a1f844", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.18", @@ -2402,7 +2402,7 @@ ] }, { - "bom-ref": "urn:uuid:bf9f2c2a-b0d8-48f9-92fd-109981afdfa7", + "bom-ref": "urn:uuid:ee750401-9110-4268-9991-cda330dfbded", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.18", @@ -2434,7 +2434,7 @@ ] }, { - "bom-ref": "urn:uuid:84561b6c-1465-40e2-9f28-83e4e4349705", + "bom-ref": "urn:uuid:32371713-46de-47aa-b007-54d714231a60", "id": "CVE-2023-42363", "source": { "name": "alpine-distro-alpine-3.18", @@ -2466,7 +2466,7 @@ ] }, { - "bom-ref": "urn:uuid:515c6da5-50cd-4841-abb1-ee60c1136c7b", + "bom-ref": "urn:uuid:e1211212-88a8-4360-80d8-97af9fa4330b", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.18", @@ -2498,7 +2498,7 @@ ] }, { - "bom-ref": "urn:uuid:ba07993f-8236-4d96-a778-0bb9a881c0b1", + "bom-ref": "urn:uuid:25790b82-0bcf-4695-9df0-1932d6035065", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.18", @@ -2530,7 +2530,7 @@ ] }, { - "bom-ref": "urn:uuid:05fc80ff-313d-47e6-ad8b-66494fe5b469", + "bom-ref": "urn:uuid:9c5b464b-322d-4bfc-97a4-1bef65b2d8fb", "id": "CVE-2023-42364", "source": { "name": "alpine-distro-alpine-3.18", @@ -2562,7 +2562,7 @@ ] }, { - "bom-ref": "urn:uuid:24ec57e1-5019-4351-93ff-2578db5d0535", + "bom-ref": "urn:uuid:13ecfefe-3bcb-4d88-9ef9-77891beb8785", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.18", @@ -2594,7 +2594,7 @@ ] }, { - "bom-ref": "urn:uuid:15975c90-1595-4f91-aa1f-f089085e2298", + "bom-ref": "urn:uuid:976433c4-91d6-4ecd-aecd-0c86c138aee2", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.18", @@ -2626,7 +2626,7 @@ ] }, { - "bom-ref": "urn:uuid:9908d4d2-cdc3-4e60-be0b-46dfc48ed64b", + "bom-ref": "urn:uuid:42c76533-7ec9-4a26-919f-5e34f26ef82c", "id": "CVE-2023-42365", "source": { "name": "alpine-distro-alpine-3.18", @@ -2658,7 +2658,7 @@ ] }, { - "bom-ref": "urn:uuid:80d41691-5d25-45fb-9346-c27818d5237f", + "bom-ref": "urn:uuid:7b11992c-d48b-4f5c-b404-9a9075cef1b1", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.18", @@ -2690,7 +2690,7 @@ ] }, { - "bom-ref": "urn:uuid:62b59f6e-b703-4c49-b188-263453a899dc", + "bom-ref": "urn:uuid:3644ba0d-d01d-48b7-890d-7358854156c3", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.18", @@ -2722,7 +2722,7 @@ ] }, { - "bom-ref": "urn:uuid:6c995ddc-9457-44ff-90ae-cea644e57c3c", + "bom-ref": "urn:uuid:7ea21c39-6e99-470b-bf07-d7d5525cf1e8", "id": "CVE-2023-42366", "source": { "name": "alpine-distro-alpine-3.18", @@ -2754,7 +2754,7 @@ ] }, { - "bom-ref": "urn:uuid:e8a08b8e-4734-4be2-8bdb-81b4023e15c0", + "bom-ref": "urn:uuid:2409bbe4-5b3b-439a-934b-39a18c9e6415", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.18", @@ -2786,7 +2786,7 @@ ] }, { - "bom-ref": "urn:uuid:45640cfe-b865-4968-baba-9af3513e8c79", + "bom-ref": "urn:uuid:6a444ff9-3ef3-4393-8fa1-c31a850002c7", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.18", @@ -2818,7 +2818,7 @@ ] }, { - "bom-ref": "urn:uuid:29e5a837-c697-4d72-b20d-61fa16a8462a", + "bom-ref": "urn:uuid:e3aa8a4b-d09e-4df1-a587-1fe6da4b2494", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.18", @@ -2850,7 +2850,7 @@ ] }, { - "bom-ref": "urn:uuid:ab880b23-36a9-4c70-91a8-3efc922a40bd", + "bom-ref": "urn:uuid:8c884c4a-3df7-43b0-946f-4d9de07ccbef", "id": "CVE-2024-4603", "source": { "name": "alpine-distro-alpine-3.18", @@ -2880,6 +2880,262 @@ "ref": "pkg:apk/alpine/openssl-dev@3.1.4-r6?arch=x86_64&upstream=openssl&distro=alpine-3.18.6&package-id=30793e0e923f157b" } ] + }, + { + "bom-ref": "urn:uuid:894f254c-c4fa-4f83-869d-f84ff419dc31", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.4-r6?arch=x86_64&upstream=openssl&distro=alpine-3.18.6&package-id=74091141cdd657ef" + } + ] + }, + { + "bom-ref": "urn:uuid:41e6811d-8c26-4aed-9c14-b0169043268a", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.1.4-r6?arch=x86_64&upstream=openssl&distro=alpine-3.18.6&package-id=f4ab04ba845426a5" + } + ] + }, + { + "bom-ref": "urn:uuid:60a25466-07c0-43fd-a7f4-48ea59a09098", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/openssl@3.1.4-r6?arch=x86_64&distro=alpine-3.18.6&package-id=8cb4481ea7a820ef" + } + ] + }, + { + "bom-ref": "urn:uuid:d5e8b66d-9b3e-4d06-820e-9e6d837048d1", + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + }, + "references": [ + { + "id": "CVE-2024-4741", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + } + ], + "ratings": [ + { + "severity": "unknown" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/openssl-dev@3.1.4-r6?arch=x86_64&upstream=openssl&distro=alpine-3.18.6&package-id=30793e0e923f157b" + } + ] + }, + { + "bom-ref": "urn:uuid:dc13cbeb-24f3-4b27-a4ec-87a264de78ca", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.4-r6?arch=x86_64&upstream=openssl&distro=alpine-3.18.6&package-id=74091141cdd657ef" + } + ] + }, + { + "bom-ref": "urn:uuid:0e564e23-ccd2-42cc-a05c-fa8ce08329cd", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.1.4-r6?arch=x86_64&upstream=openssl&distro=alpine-3.18.6&package-id=f4ab04ba845426a5" + } + ] + }, + { + "bom-ref": "urn:uuid:13fb8b8e-6521-4131-a4a0-fc0dc64f7aa0", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/openssl@3.1.4-r6?arch=x86_64&distro=alpine-3.18.6&package-id=8cb4481ea7a820ef" + } + ] + }, + { + "bom-ref": "urn:uuid:1d91fb16-61e1-47fa-be1d-6bf70de1f772", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.18", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/openssl-dev@3.1.4-r6?arch=x86_64&upstream=openssl&distro=alpine-3.18.6&package-id=30793e0e923f157b" + } + ] } ] } diff --git a/sboms/ghcr.io_matrix-org_sliding-sync:v0.99.17.json b/sboms/ghcr.io_matrix-org_sliding-sync:v0.99.19.json similarity index 84% rename from sboms/ghcr.io_matrix-org_sliding-sync:v0.99.17.json rename to sboms/ghcr.io_matrix-org_sliding-sync:v0.99.19.json index 59e1b1d..aab80e1 100644 --- a/sboms/ghcr.io_matrix-org_sliding-sync:v0.99.17.json +++ b/sboms/ghcr.io_matrix-org_sliding-sync:v0.99.19.json @@ -1,32 +1,32 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:be60f5cc-3d84-40c1-8dde-41170692b26e", + "specVersion": "1.6", + "serialNumber": "urn:uuid:807d34b5-9d5a-4283-9d0a-e72a412a2392", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:54:36Z", + "timestamp": "2024-07-05T11:46:04Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "310ba5dae890c04f", + "bom-ref": "09f0b049695da104", "type": "container", - "name": "ghcr.io/matrix-org/sliding-sync:v0.99.17", - "version": "v0.99.17" + "name": "ghcr.io/matrix-org/sliding-sync:v0.99.19", + "version": "v0.99.19" }, "properties": null }, "components": [ { - "bom-ref": "pkg:apk/alpine/alpine-baselayout@3.4.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=0a3b4a9dae4049aa", + "bom-ref": "pkg:apk/alpine/alpine-baselayout@3.4.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=0a3b4a9dae4049aa", "type": "library", "publisher": "Natanael Copa ", "name": "alpine-baselayout", @@ -40,7 +40,7 @@ } ], "cpe": "cpe:2.3:a:alpine-baselayout:alpine-baselayout:3.4.0-r0:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/alpine-baselayout@3.4.0-r0?arch=x86_64&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/alpine-baselayout@3.4.0-r0?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", @@ -82,7 +82,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -119,7 +119,7 @@ ] }, { - "bom-ref": "pkg:apk/alpine/alpine-baselayout-data@3.4.0-r0?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.17.7&package-id=008bcc1445f44203", + "bom-ref": "pkg:apk/alpine/alpine-baselayout-data@3.4.0-r0?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.17.8&package-id=008bcc1445f44203", "type": "library", "publisher": "Natanael Copa ", "name": "alpine-baselayout-data", @@ -133,7 +133,7 @@ } ], "cpe": "cpe:2.3:a:alpine-baselayout-data:alpine-baselayout-data:3.4.0-r0:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/alpine-baselayout-data@3.4.0-r0?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/alpine-baselayout-data@3.4.0-r0?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", @@ -191,7 +191,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -220,7 +220,7 @@ ] }, { - "bom-ref": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.17.7&package-id=f0def3051a26afc8", + "bom-ref": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.17.8&package-id=f0def3051a26afc8", "type": "library", "publisher": "Natanael Copa ", "name": "alpine-keys", @@ -234,7 +234,7 @@ } ], "cpe": "cpe:2.3:a:alpine-keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://alpinelinux.org", @@ -276,7 +276,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -305,11 +305,11 @@ ] }, { - "bom-ref": "pkg:apk/alpine/apk-tools@2.12.10-r1?arch=x86_64&distro=alpine-3.17.7&package-id=0faf8749e7caad06", + "bom-ref": "pkg:apk/alpine/apk-tools@2.12.14-r0?arch=x86_64&distro=alpine-3.17.8&package-id=2f792c9cf3cf5d47", "type": "library", "publisher": "Natanael Copa ", "name": "apk-tools", - "version": "2.12.10-r1", + "version": "2.12.14-r0", "description": "Alpine Package Keeper - package manager for alpine", "licenses": [ { @@ -318,8 +318,8 @@ } } ], - "cpe": "cpe:2.3:a:apk-tools:apk-tools:2.12.10-r1:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/apk-tools@2.12.10-r1?arch=x86_64&distro=alpine-3.17.7", + "cpe": "cpe:2.3:a:apk-tools:apk-tools:2.12.14-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/apk-tools@2.12.14-r0?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://gitlab.alpinelinux.org/alpine/apk-tools", @@ -341,27 +341,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apk-tools:apk_tools:2.12.10-r1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apk-tools:apk_tools:2.12.14-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apk_tools:apk-tools:2.12.10-r1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apk_tools:apk-tools:2.12.14-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apk_tools:apk_tools:2.12.10-r1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apk_tools:apk_tools:2.12.14-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apk:apk-tools:2.12.10-r1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apk:apk-tools:2.12.14-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apk:apk_tools:2.12.10-r1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apk:apk_tools:2.12.14-r0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -369,11 +369,11 @@ }, { "name": "syft:metadata:gitCommitOfApkPort", - "value": "0188f510baadbae393472103427b9c1875117136" + "value": "4cd1b0cf511ab36827c4aeafb6a23faa18c197fa" }, { "name": "syft:metadata:installedSize", - "value": "307200" + "value": "299008" }, { "name": "syft:metadata:originPackage", @@ -385,11 +385,11 @@ }, { "name": "syft:metadata:provides:1", - "value": "cmd:apk=2.12.10-r1" + "value": "cmd:apk=2.12.14-r0" }, { "name": "syft:metadata:pullChecksum", - "value": "Q1Ef3iwt+cMdGngEgaFr2URIJhKzQ=" + "value": "Q1HOoSei/SB4v8JReTKt8iyLDJxeg=" }, { "name": "syft:metadata:pullDependencies:0", @@ -417,12 +417,12 @@ }, { "name": "syft:metadata:size", - "value": "120973" + "value": "123539" } ] }, { - "bom-ref": "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.7&package-id=bde4542835444bf1", + "bom-ref": "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.8&package-id=bde4542835444bf1", "type": "library", "publisher": "prspkt ", "name": "brotli-libs", @@ -436,7 +436,7 @@ } ], "cpe": "cpe:2.3:a:brotli-libs:brotli-libs:1.0.9-r9:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://github.com/google/brotli", @@ -486,7 +486,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -531,11 +531,11 @@ ] }, { - "bom-ref": "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7&package-id=edcf6e67eac04af0", + "bom-ref": "pkg:apk/alpine/busybox@1.35.0-r31?arch=x86_64&distro=alpine-3.17.8&package-id=f300e9f8f2d4355c", "type": "library", "publisher": "Sören Tempel ", "name": "busybox", - "version": "1.35.0-r29", + "version": "1.35.0-r31", "description": "Size optimized toolbox of many common UNIX utilities", "licenses": [ { @@ -544,8 +544,8 @@ } } ], - "cpe": "cpe:2.3:a:busybox:busybox:1.35.0-r29:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7", + "cpe": "cpe:2.3:a:busybox:busybox:1.35.0-r31:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox@1.35.0-r31?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://busybox.net/", @@ -567,7 +567,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -575,11 +575,11 @@ }, { "name": "syft:metadata:gitCommitOfApkPort", - "value": "1dbf7a793afae640ea643a055b6dd4f430ac116b" + "value": "14d002092620f03624ffbe33ccffe3b89a64b8ad" }, { "name": "syft:metadata:installedSize", - "value": "962560" + "value": "966656" }, { "name": "syft:metadata:originPackage", @@ -587,11 +587,11 @@ }, { "name": "syft:metadata:provides:0", - "value": "cmd:busybox=1.35.0-r29" + "value": "cmd:busybox=1.35.0-r31" }, { "name": "syft:metadata:pullChecksum", - "value": "Q1NN3sp0yr99btRysqty3nQUrWHaY=" + "value": "Q1bpvt4zSH1bH8cmJEwgmFKLZHeuk=" }, { "name": "syft:metadata:pullDependencies:0", @@ -599,16 +599,16 @@ }, { "name": "syft:metadata:size", - "value": "509600" + "value": "509723" } ] }, { - "bom-ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4", + "bom-ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8&package-id=a995da7a1cf14315", "type": "library", "publisher": "Sören Tempel ", "name": "busybox-binsh", - "version": "1.35.0-r29", + "version": "1.35.0-r31", "description": "busybox ash /bin/sh", "licenses": [ { @@ -617,8 +617,8 @@ } } ], - "cpe": "cpe:2.3:a:busybox-binsh:busybox-binsh:1.35.0-r29:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7", + "cpe": "cpe:2.3:a:busybox-binsh:busybox-binsh:1.35.0-r31:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox-binsh@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://busybox.net/", @@ -640,27 +640,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:busybox-binsh:busybox_binsh:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:busybox-binsh:busybox_binsh:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:busybox_binsh:busybox-binsh:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:busybox_binsh:busybox-binsh:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:busybox_binsh:busybox_binsh:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:busybox_binsh:busybox_binsh:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:busybox:busybox-binsh:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:busybox:busybox-binsh:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:busybox:busybox_binsh:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:busybox:busybox_binsh:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -668,7 +668,7 @@ }, { "name": "syft:metadata:gitCommitOfApkPort", - "value": "1dbf7a793afae640ea643a055b6dd4f430ac116b" + "value": "14d002092620f03624ffbe33ccffe3b89a64b8ad" }, { "name": "syft:metadata:installedSize", @@ -684,24 +684,24 @@ }, { "name": "syft:metadata:provides:1", - "value": "cmd:sh=1.35.0-r29" + "value": "cmd:sh=1.35.0-r31" }, { "name": "syft:metadata:pullChecksum", - "value": "Q1miWwyhWKXVEiRYLhmArV1TKMs6A=" + "value": "Q1DI7Cqp/Os8EVvApAExDAUVHlG2M=" }, { "name": "syft:metadata:pullDependencies:0", - "value": "busybox=1.35.0-r29" + "value": "busybox=1.35.0-r31" }, { "name": "syft:metadata:size", - "value": "1547" + "value": "1543" } ] }, { - "bom-ref": "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.7&package-id=407923a90eac9d7b", + "bom-ref": "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.8&package-id=407923a90eac9d7b", "type": "library", "publisher": "Natanael Copa ", "name": "ca-certificates", @@ -713,7 +713,7 @@ } ], "cpe": "cpe:2.3:a:ca-certificates:ca-certificates:20240226-r0:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/", @@ -763,7 +763,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -812,19 +812,19 @@ ] }, { - "bom-ref": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.17.7&package-id=c26e3474bc5d2bf8", + "bom-ref": "pkg:apk/alpine/ca-certificates-bundle@20240226-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.17.8&package-id=234854d89fbfe9be", "type": "library", "publisher": "Natanael Copa ", "name": "ca-certificates-bundle", - "version": "20230506-r0", + "version": "20240226-r0", "description": "Pre generated bundle of Mozilla certificates", "licenses": [ { "expression": "MPL-2.0 AND MIT" } ], - "cpe": "cpe:2.3:a:ca-certificates-bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.17.7", + "cpe": "cpe:2.3:a:ca-certificates-bundle:ca-certificates-bundle:20240226-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ca-certificates-bundle@20240226-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/", @@ -846,51 +846,51 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca-certificates-bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca-certificates-bundle:ca_certificates_bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca_certificates_bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca_certificates_bundle:ca-certificates-bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca_certificates_bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca_certificates_bundle:ca_certificates_bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca-certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca-certificates:ca-certificates-bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca-certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca-certificates:ca_certificates_bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca_certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca_certificates:ca-certificates-bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca_certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca_certificates:ca_certificates_bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:mozilla:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:mozilla:ca-certificates-bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:mozilla:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:mozilla:ca_certificates_bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca:ca-certificates-bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ca:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ca:ca_certificates_bundle:20240226-r0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -898,11 +898,11 @@ }, { "name": "syft:metadata:gitCommitOfApkPort", - "value": "c56ff944f7d21017702e916e9546ee10389aef62" + "value": "9190933bfb50279025c42ffe8030753fbfd0e71a" }, { "name": "syft:metadata:installedSize", - "value": "237568" + "value": "241664" }, { "name": "syft:metadata:originPackage", @@ -910,20 +910,20 @@ }, { "name": "syft:metadata:provides:0", - "value": "ca-certificates-cacert=20230506-r0" + "value": "ca-certificates-cacert=20240226-r0" }, { "name": "syft:metadata:pullChecksum", - "value": "Q13X+cgKNwpP6viqMRvLV8Pp+2NV4=" + "value": "Q1QFWQvABuedknNSqtDccj0xOa3qI=" }, { "name": "syft:metadata:size", - "value": "126306" + "value": "130238" } ] }, { - "bom-ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=84e74ed734ce02fc", + "bom-ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=84e74ed734ce02fc", "type": "library", "publisher": "Natanael Copa ", "name": "curl", @@ -937,7 +937,7 @@ } ], "cpe": "cpe:2.3:a:curl:curl:8.5.0-r0:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://curl.se/", @@ -963,7 +963,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -1037,7 +1037,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1091,7 +1091,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1145,7 +1145,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1199,7 +1199,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1253,7 +1253,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1307,7 +1307,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1365,7 +1365,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1427,7 +1427,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1489,7 +1489,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1543,7 +1543,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1597,7 +1597,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1671,7 +1671,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1725,7 +1725,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1779,7 +1779,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1841,7 +1841,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1870,12 +1870,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/matrix-org/sliding-sync@v0.0.0-20240510132532-693587ef7e1c?package-id=8905e826dfd78061", + "bom-ref": "pkg:golang/github.com/matrix-org/sliding-sync@v0.0.0-20240628152009-f70dbe0186ec?package-id=a8b38d6361c925d6", "type": "library", "name": "github.com/matrix-org/sliding-sync", - "version": "v0.0.0-20240510132532-693587ef7e1c", - "cpe": "cpe:2.3:a:matrix-org:sliding-sync:v0.0.0-20240510132532-693587ef7e1c:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/matrix-org/sliding-sync@v0.0.0-20240510132532-693587ef7e1c", + "version": "v0.0.0-20240628152009-f70dbe0186ec", + "cpe": "cpe:2.3:a:matrix-org:sliding-sync:v0.0.0-20240628152009-f70dbe0186ec:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/matrix-org/sliding-sync@v0.0.0-20240628152009-f70dbe0186ec", "properties": [ { "name": "syft:package:foundBy", @@ -1895,27 +1895,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix-org:sliding_sync:v0.0.0-20240510132532-693587ef7e1c:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix-org:sliding_sync:v0.0.0-20240628152009-f70dbe0186ec:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org:sliding-sync:v0.0.0-20240510132532-693587ef7e1c:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org:sliding-sync:v0.0.0-20240628152009-f70dbe0186ec:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix_org:sliding_sync:v0.0.0-20240510132532-693587ef7e1c:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix_org:sliding_sync:v0.0.0-20240628152009-f70dbe0186ec:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix:sliding-sync:v0.0.0-20240510132532-693587ef7e1c:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix:sliding-sync:v0.0.0-20240628152009-f70dbe0186ec:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matrix:sliding_sync:v0.0.0-20240510132532-693587ef7e1c:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matrix:sliding_sync:v0.0.0-20240628152009-f70dbe0186ec:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -1973,7 +1973,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2031,7 +2031,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2089,7 +2089,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2147,7 +2147,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2201,7 +2201,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2259,7 +2259,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2317,7 +2317,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2371,7 +2371,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2425,7 +2425,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2479,7 +2479,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2533,7 +2533,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2587,7 +2587,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2641,7 +2641,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2695,7 +2695,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2749,7 +2749,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2803,7 +2803,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2857,7 +2857,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2911,7 +2911,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -2965,7 +2965,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3018,7 +3018,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3072,7 +3072,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3126,7 +3126,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3180,7 +3180,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3234,7 +3234,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3288,7 +3288,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3342,7 +3342,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3396,7 +3396,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3450,7 +3450,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3504,7 +3504,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3558,7 +3558,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3612,7 +3612,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3666,7 +3666,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3720,7 +3720,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3774,7 +3774,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3828,7 +3828,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3882,7 +3882,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -3911,7 +3911,7 @@ ] }, { - "bom-ref": "pkg:apk/alpine/libc-utils@0.7.2-r3?arch=x86_64&upstream=libc-dev&distro=alpine-3.17.7&package-id=f95be16d8615d51f", + "bom-ref": "pkg:apk/alpine/libc-utils@0.7.2-r3?arch=x86_64&upstream=libc-dev&distro=alpine-3.17.8&package-id=f95be16d8615d51f", "type": "library", "publisher": "Natanael Copa ", "name": "libc-utils", @@ -3923,7 +3923,7 @@ } ], "cpe": "cpe:2.3:a:libc-utils:libc-utils:0.7.2-r3:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/libc-utils@0.7.2-r3?arch=x86_64&upstream=libc-dev&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/libc-utils@0.7.2-r3?arch=x86_64&upstream=libc-dev&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://alpinelinux.org", @@ -3965,7 +3965,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -3998,11 +3998,11 @@ ] }, { - "bom-ref": "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789", + "bom-ref": "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1", "type": "library", "publisher": "Ariadne Conill ", "name": "libcrypto3", - "version": "3.0.12-r4", + "version": "3.0.13-r0", "description": "Crypto library from openssl", "licenses": [ { @@ -4011,8 +4011,8 @@ } } ], - "cpe": "cpe:2.3:a:libcrypto3:libcrypto3:3.0.12-r4:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7", + "cpe": "cpe:2.3:a:libcrypto3:libcrypto3:3.0.13-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://www.openssl.org/", @@ -4034,19 +4034,19 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libcrypto3:libcrypto:3.0.12-r4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libcrypto3:libcrypto:3.0.13-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libcrypto:libcrypto3:3.0.12-r4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libcrypto:libcrypto3:3.0.13-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libcrypto:libcrypto:3.0.12-r4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libcrypto:libcrypto:3.0.13-r0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4054,11 +4054,11 @@ }, { "name": "syft:metadata:gitCommitOfApkPort", - "value": "9fd14fce55ac36f382b575276db9131d69466024" + "value": "e5e3f4bce3e8897f84449138e1a1390d004718a1" }, { "name": "syft:metadata:installedSize", - "value": "4218880" + "value": "4227072" }, { "name": "syft:metadata:originPackage", @@ -4070,7 +4070,7 @@ }, { "name": "syft:metadata:pullChecksum", - "value": "Q16JFkmhs7664x/0OJ/TiuA69VFP8=" + "value": "Q1g26Ag/kBBOP5w6DFF+G5lSScRjc=" }, { "name": "syft:metadata:pullDependencies:0", @@ -4078,12 +4078,12 @@ }, { "name": "syft:metadata:size", - "value": "1716140" + "value": "1719114" } ] }, { - "bom-ref": "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.7&package-id=334f8da813679bd5", + "bom-ref": "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.8&package-id=334f8da813679bd5", "type": "library", "publisher": "Natanael Copa ", "name": "libcurl", @@ -4097,7 +4097,7 @@ } ], "cpe": "cpe:2.3:a:libcurl:libcurl:8.5.0-r0:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://curl.se/", @@ -4119,7 +4119,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4180,11 +4180,11 @@ ] }, { - "bom-ref": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a", + "bom-ref": "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=40f5de0c9514d98e", "type": "library", "publisher": "Ariadne Conill ", "name": "libssl3", - "version": "3.0.12-r4", + "version": "3.0.13-r0", "description": "SSL shared libraries", "licenses": [ { @@ -4193,8 +4193,8 @@ } } ], - "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.12-r4:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7", + "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.13-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://www.openssl.org/", @@ -4216,19 +4216,19 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl3:libssl:3.0.12-r4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl3:libssl:3.0.13-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl:libssl3:3.0.12-r4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl:libssl3:3.0.13-r0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl:libssl:3.0.12-r4:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:libssl:libssl:3.0.13-r0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4236,7 +4236,7 @@ }, { "name": "syft:metadata:gitCommitOfApkPort", - "value": "9fd14fce55ac36f382b575276db9131d69466024" + "value": "e5e3f4bce3e8897f84449138e1a1390d004718a1" }, { "name": "syft:metadata:installedSize", @@ -4252,7 +4252,7 @@ }, { "name": "syft:metadata:pullChecksum", - "value": "Q1ZGlMAqkkljigXGuonX2sfRKJOsE=" + "value": "Q1Vgd9/bv5wpDoJ52qT2a77gIy+y0=" }, { "name": "syft:metadata:pullDependencies:0", @@ -4264,12 +4264,12 @@ }, { "name": "syft:metadata:size", - "value": "246389" + "value": "246441" } ] }, { - "bom-ref": "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5", + "bom-ref": "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5", "type": "library", "publisher": "Timo Teräs ", "name": "musl", @@ -4283,7 +4283,7 @@ } ], "cpe": "cpe:2.3:a:musl-libc:musl:1.2.3-r5:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://musl.libc.org/", @@ -4313,7 +4313,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4346,7 +4346,7 @@ ] }, { - "bom-ref": "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.7&package-id=4780f8caa47c9cb2", + "bom-ref": "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.8&package-id=4780f8caa47c9cb2", "type": "library", "publisher": "Timo Teräs ", "name": "musl-utils", @@ -4358,7 +4358,7 @@ } ], "cpe": "cpe:2.3:a:musl-utils:musl-utils:1.2.3-r5:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://musl.libc.org/", @@ -4408,7 +4408,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4465,7 +4465,7 @@ ] }, { - "bom-ref": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.7&package-id=7da33116f1dfc9f0", + "bom-ref": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.8&package-id=7da33116f1dfc9f0", "type": "library", "publisher": "Francesco Colista ", "name": "nghttp2-libs", @@ -4479,7 +4479,7 @@ } ], "cpe": "cpe:2.3:a:nghttp2-libs:nghttp2-libs:1.51.0-r2:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://nghttp2.org", @@ -4593,7 +4593,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4630,7 +4630,7 @@ ] }, { - "bom-ref": "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.7&package-id=544ec51c3fe9a624", + "bom-ref": "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.8&package-id=544ec51c3fe9a624", "type": "library", "publisher": "Natanael Copa ", "name": "scanelf", @@ -4644,7 +4644,7 @@ } ], "cpe": "cpe:2.3:a:scanelf:scanelf:1.3.5-r1:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities", @@ -4666,7 +4666,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4703,11 +4703,11 @@ ] }, { - "bom-ref": "pkg:apk/alpine/ssl_client@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=b37d6e2e45f66f33", + "bom-ref": "pkg:apk/alpine/ssl_client@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8&package-id=f5ad95329e6ad20a", "type": "library", "publisher": "Sören Tempel ", "name": "ssl_client", - "version": "1.35.0-r29", + "version": "1.35.0-r31", "description": "EXternal ssl_client for busybox wget", "licenses": [ { @@ -4716,8 +4716,8 @@ } } ], - "cpe": "cpe:2.3:a:ssl-client:ssl-client:1.35.0-r29:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/ssl_client@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7", + "cpe": "cpe:2.3:a:ssl-client:ssl-client:1.35.0-r31:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ssl_client@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://busybox.net/", @@ -4739,27 +4739,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ssl-client:ssl_client:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ssl-client:ssl_client:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ssl_client:ssl-client:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ssl_client:ssl-client:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ssl_client:ssl_client:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ssl_client:ssl_client:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ssl:ssl-client:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ssl:ssl-client:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:ssl:ssl_client:1.35.0-r29:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:ssl:ssl_client:1.35.0-r31:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4767,7 +4767,7 @@ }, { "name": "syft:metadata:gitCommitOfApkPort", - "value": "1dbf7a793afae640ea643a055b6dd4f430ac116b" + "value": "14d002092620f03624ffbe33ccffe3b89a64b8ad" }, { "name": "syft:metadata:installedSize", @@ -4779,11 +4779,11 @@ }, { "name": "syft:metadata:provides:0", - "value": "cmd:ssl_client=1.35.0-r29" + "value": "cmd:ssl_client=1.35.0-r31" }, { "name": "syft:metadata:pullChecksum", - "value": "Q1QuqZjeP6XG85I29tOiCWofL8Cj0=" + "value": "Q1qKEolPiP42oQMbXzbmJpwrQZmF8=" }, { "name": "syft:metadata:pullDependencies:0", @@ -4799,7 +4799,7 @@ }, { "name": "syft:metadata:size", - "value": "4929" + "value": "4928" } ] }, @@ -4832,7 +4832,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:9b88dbbdc3f8b7907e8d96ca35007ba3c714ab78fd4c6ffe167d3ea6e3c5df39" + "value": "sha256:e0977d5b8d6232956cf14c85fad722be095ddac6c3fa710397e8fcb4e93a0c76" }, { "name": "syft:location:0:path", @@ -4845,7 +4845,7 @@ ] }, { - "bom-ref": "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.7&package-id=6ad7c0b45a22318c", + "bom-ref": "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.8&package-id=6ad7c0b45a22318c", "type": "library", "publisher": "Natanael Copa ", "name": "zlib", @@ -4859,7 +4859,7 @@ } ], "cpe": "cpe:2.3:a:zlib:zlib:1.2.13-r0:*:*:*:*:*:*:*", - "purl": "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.7", + "purl": "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.8", "externalReferences": [ { "url": "https://zlib.net/", @@ -4881,7 +4881,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:8d8e9df594b9d13d51cf88002b5ff151af8b87848b5305225acb525f31d5baf9" + "value": "sha256:2ed64988a12d2897484ebeae1a9b7ade79eb5da54413bae6f88e3caa736db0ff" }, { "name": "syft:location:0:path", @@ -4918,15 +4918,15 @@ ] }, { - "bom-ref": "os:alpine@3.17.7", + "bom-ref": "os:alpine@3.17.8", "type": "operating-system", "name": "alpine", - "version": "3.17.7", + "version": "3.17.8", "description": "Alpine Linux v3.17", "swid": { "tagId": "alpine", "name": "alpine", - "version": "3.17.7" + "version": "3.17.8" }, "externalReferences": [ { @@ -4949,516 +4949,234 @@ }, { "name": "syft:distro:versionID", - "value": "3.17.7" + "value": "3.17.8" } ] } ], "dependencies": [ { - "ref": "pkg:apk/alpine/alpine-baselayout@3.4.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=0a3b4a9dae4049aa", + "ref": "pkg:apk/alpine/alpine-baselayout@3.4.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=0a3b4a9dae4049aa", "dependsOn": [ - "pkg:apk/alpine/alpine-baselayout-data@3.4.0-r0?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.17.7&package-id=008bcc1445f44203", - "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4" + "pkg:apk/alpine/alpine-baselayout-data@3.4.0-r0?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.17.8&package-id=008bcc1445f44203", + "pkg:apk/alpine/busybox-binsh@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8&package-id=a995da7a1cf14315" ] }, { - "ref": "pkg:apk/alpine/apk-tools@2.12.10-r1?arch=x86_64&distro=alpine-3.17.7&package-id=0faf8749e7caad06", + "ref": "pkg:apk/alpine/apk-tools@2.12.14-r0?arch=x86_64&distro=alpine-3.17.8&package-id=2f792c9cf3cf5d47", "dependsOn": [ - "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.17.7&package-id=c26e3474bc5d2bf8", - "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789", - "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a", - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5", - "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.7&package-id=6ad7c0b45a22318c" + "pkg:apk/alpine/ca-certificates-bundle@20240226-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.17.8&package-id=234854d89fbfe9be", + "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1", + "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=40f5de0c9514d98e", + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5", + "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.8&package-id=6ad7c0b45a22318c" ] }, { - "ref": "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.7&package-id=bde4542835444bf1", + "ref": "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.8&package-id=bde4542835444bf1", "dependsOn": [ - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4", + "ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8&package-id=a995da7a1cf14315", "dependsOn": [ - "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7&package-id=edcf6e67eac04af0" + "pkg:apk/alpine/busybox@1.35.0-r31?arch=x86_64&distro=alpine-3.17.8&package-id=f300e9f8f2d4355c" ] }, { - "ref": "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7&package-id=edcf6e67eac04af0", + "ref": "pkg:apk/alpine/busybox@1.35.0-r31?arch=x86_64&distro=alpine-3.17.8&package-id=f300e9f8f2d4355c", "dependsOn": [ - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.7&package-id=407923a90eac9d7b", + "ref": "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.8&package-id=407923a90eac9d7b", "dependsOn": [ - "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4", - "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789", - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/busybox-binsh@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8&package-id=a995da7a1cf14315", + "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1", + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=84e74ed734ce02fc", + "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=84e74ed734ce02fc", "dependsOn": [ - "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.7&package-id=407923a90eac9d7b", - "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.7&package-id=334f8da813679bd5", - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5", - "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.7&package-id=6ad7c0b45a22318c" + "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.8&package-id=407923a90eac9d7b", + "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.8&package-id=334f8da813679bd5", + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5", + "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.8&package-id=6ad7c0b45a22318c" ] }, { - "ref": "pkg:apk/alpine/libc-utils@0.7.2-r3?arch=x86_64&upstream=libc-dev&distro=alpine-3.17.7&package-id=f95be16d8615d51f", + "ref": "pkg:apk/alpine/libc-utils@0.7.2-r3?arch=x86_64&upstream=libc-dev&distro=alpine-3.17.8&package-id=f95be16d8615d51f", "dependsOn": [ - "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.7&package-id=4780f8caa47c9cb2" + "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.8&package-id=4780f8caa47c9cb2" ] }, { - "ref": "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789", + "ref": "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1", "dependsOn": [ - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.7&package-id=334f8da813679bd5", + "ref": "pkg:apk/alpine/libcurl@8.5.0-r0?arch=x86_64&upstream=curl&distro=alpine-3.17.8&package-id=334f8da813679bd5", "dependsOn": [ - "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.7&package-id=bde4542835444bf1", - "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.7&package-id=407923a90eac9d7b", - "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789", - "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a", - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5", - "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.7&package-id=7da33116f1dfc9f0", - "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.7&package-id=6ad7c0b45a22318c" + "pkg:apk/alpine/brotli-libs@1.0.9-r9?arch=x86_64&upstream=brotli&distro=alpine-3.17.8&package-id=bde4542835444bf1", + "pkg:apk/alpine/ca-certificates@20240226-r0?arch=x86_64&distro=alpine-3.17.8&package-id=407923a90eac9d7b", + "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1", + "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=40f5de0c9514d98e", + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5", + "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.8&package-id=7da33116f1dfc9f0", + "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.8&package-id=6ad7c0b45a22318c" ] }, { - "ref": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a", + "ref": "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=40f5de0c9514d98e", "dependsOn": [ - "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789", - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1", + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.7&package-id=4780f8caa47c9cb2", + "ref": "pkg:apk/alpine/musl-utils@1.2.3-r5?arch=x86_64&upstream=musl&distro=alpine-3.17.8&package-id=4780f8caa47c9cb2", "dependsOn": [ - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5", - "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.7&package-id=544ec51c3fe9a624" + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5", + "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.8&package-id=544ec51c3fe9a624" ] }, { - "ref": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.7&package-id=7da33116f1dfc9f0", + "ref": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.8&package-id=7da33116f1dfc9f0", "dependsOn": [ - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.7&package-id=544ec51c3fe9a624", + "ref": "pkg:apk/alpine/scanelf@1.3.5-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.17.8&package-id=544ec51c3fe9a624", "dependsOn": [ - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/ssl_client@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=b37d6e2e45f66f33", + "ref": "pkg:apk/alpine/ssl_client@1.35.0-r31?arch=x86_64&upstream=busybox&distro=alpine-3.17.8&package-id=f5ad95329e6ad20a", "dependsOn": [ - "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789", - "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a", - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" + "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1", + "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=40f5de0c9514d98e", + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "ref": "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.7&package-id=6ad7c0b45a22318c", + "ref": "pkg:apk/alpine/zlib@1.2.13-r0?arch=x86_64&distro=alpine-3.17.8&package-id=6ad7c0b45a22318c", "dependsOn": [ - "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.7&package-id=4d44a781f51d0fb5" - ] - } - ], - "vulnerabilities": [ - { - "bom-ref": "urn:uuid:02b11ce6-4708-432d-bc23-23689fd142f4", - "id": "CVE-2023-42363", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - }, - "references": [ - { - "id": "CVE-2023-42363", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7&package-id=edcf6e67eac04af0" - } - ] - }, - { - "bom-ref": "urn:uuid:8eab5bf9-4145-4c57-b8a1-64a51f87fa18", - "id": "CVE-2023-42363", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - }, - "references": [ - { - "id": "CVE-2023-42363", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4" - } - ] - }, - { - "bom-ref": "urn:uuid:2f8826ad-2818-4ce5-82ab-cf933a7d30d8", - "id": "CVE-2023-42363", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - }, - "references": [ - { - "id": "CVE-2023-42363", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/ssl_client@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=b37d6e2e45f66f33" - } - ] - }, - { - "bom-ref": "urn:uuid:01a3fc4a-beb4-4089-9d2c-010e9bf3e4ba", - "id": "CVE-2023-42364", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - }, - "references": [ - { - "id": "CVE-2023-42364", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7&package-id=edcf6e67eac04af0" - } - ] - }, - { - "bom-ref": "urn:uuid:87017442-e46d-4e48-bc08-315ff2e949ab", - "id": "CVE-2023-42364", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - }, - "references": [ - { - "id": "CVE-2023-42364", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4" - } - ] - }, - { - "bom-ref": "urn:uuid:b5d38c3d-cfa2-4daa-a214-83afd97973e0", - "id": "CVE-2023-42364", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - }, - "references": [ - { - "id": "CVE-2023-42364", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/ssl_client@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=b37d6e2e45f66f33" - } - ] - }, - { - "bom-ref": "urn:uuid:1f16e6f3-e09d-4d21-9778-6cbd29d4dadf", - "id": "CVE-2023-42365", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - }, - "references": [ - { - "id": "CVE-2023-42365", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7&package-id=edcf6e67eac04af0" - } - ] - }, - { - "bom-ref": "urn:uuid:3b061ad2-f15c-48ba-877f-59b9389a10f2", - "id": "CVE-2023-42365", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - }, - "references": [ - { - "id": "CVE-2023-42365", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4" - } - ] - }, - { - "bom-ref": "urn:uuid:704d8e77-1624-4a84-8b58-5a4a52b74921", - "id": "CVE-2023-42365", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - }, - "references": [ - { - "id": "CVE-2023-42365", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/ssl_client@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=b37d6e2e45f66f33" - } + "pkg:apk/alpine/musl@1.2.3-r5?arch=x86_64&distro=alpine-3.17.8&package-id=4d44a781f51d0fb5" ] }, { - "bom-ref": "urn:uuid:90237062-df0d-4422-bd85-718ebc41b0c9", - "id": "CVE-2023-42366", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" - }, - "references": [ - { - "id": "CVE-2023-42366", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" - } - } - ], - "ratings": [ - { - "severity": "medium" - } - ], - "advisories": [ - { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/busybox@1.35.0-r29?arch=x86_64&distro=alpine-3.17.7&package-id=edcf6e67eac04af0" - } + "ref": "pkg:golang/github.com/matrix-org/sliding-sync@v0.0.0-20240628152009-f70dbe0186ec?package-id=a8b38d6361c925d6", + "dependsOn": [ + "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=789a0c0e1876202b", + "pkg:golang/github.com/cenkalti/backoff@v4.2.1?package-id=c60067ea7b7a03cf#v4", + "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=b90d448a627e054d#v2", + "pkg:golang/github.com/felixge/httpsnoop@v1.0.3?package-id=4e62a71de181f565", + "pkg:golang/github.com/fxamacker/cbor@v2.5.0?package-id=bdbcb925797f49c0#v2", + "pkg:golang/github.com/getsentry/sentry-go@v0.24.1?package-id=cd005b5120bf4938", + "pkg:golang/github.com/go-logr/logr@v1.2.4?package-id=d2240c7539b3eb85", + "pkg:golang/github.com/go-logr/stdr@v1.2.2?package-id=5b2865e65a8c5252", + "pkg:golang/github.com/golang/protobuf@v1.5.3?package-id=059278db016f5da1", + "pkg:golang/github.com/gorilla/mux@v1.8.0?package-id=371efe997cac9bd9", + "pkg:golang/github.com/grpc-ecosystem/grpc-gateway@v2.17.0?package-id=e549719f65698120#v2", + "pkg:golang/github.com/jmoiron/sqlx@v1.3.3?package-id=61ce82dd83514351", + "pkg:golang/github.com/lib/pq@v1.10.9?package-id=286e09b636ebc239", + "pkg:golang/github.com/matrix-org/gomatrixserverlib@v0.0.0-20230921171121-0466775328c7?package-id=0dee2f605f01de53", + "pkg:golang/github.com/matrix-org/util@v0.0.0-20221111132719-399730281e66?package-id=4585195133dca0bd", + "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=245bd3080b75b5a9", + "pkg:golang/github.com/mattn/go-isatty@v0.0.19?package-id=4aa34ee55911f461", + "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.1?package-id=f96325ff3642cf4b", + "pkg:golang/github.com/pressly/goose@v3.14.0?package-id=3ef930587e193556#v3", + "pkg:golang/github.com/prometheus/client_golang@v1.13.0?package-id=d721a41d54f87451", + "pkg:golang/github.com/prometheus/client_model@v0.2.0?package-id=3e75dcc47376ff66", + "pkg:golang/github.com/prometheus/common@v0.37.0?package-id=d5329f4b00b08ca6", + "pkg:golang/github.com/prometheus/procfs@v0.11.0?package-id=15b6ead5200bcf9e", + "pkg:golang/github.com/renekroon/ttlcache@v2.8.1?package-id=28ae257cec56af1f#v2", + "pkg:golang/github.com/rs/xid@v1.4.0?package-id=a0ba9826e0d4d4f9", + "pkg:golang/github.com/rs/zerolog@v1.29.0?package-id=8cffbf6d11e17e9f", + "pkg:golang/github.com/sirupsen/logrus@v1.9.3?package-id=d6b3d8555e8d7e58", + "pkg:golang/github.com/tidwall/gjson@v1.16.0?package-id=6dcf7a20fa89b65e", + "pkg:golang/github.com/tidwall/match@v1.1.1?package-id=50ef28764b4e15f7", + "pkg:golang/github.com/tidwall/pretty@v1.2.1?package-id=8b131f33eacce304", + "pkg:golang/github.com/tidwall/sjson@v1.2.5?package-id=89412e689111eab4", + "pkg:golang/github.com/x448/float16@v0.8.4?package-id=cd16759012aeb959", + "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.44.0?package-id=1821c2888756468e#net/http/otelhttp", + "pkg:golang/go.opentelemetry.io/contrib/propagators@v1.18.0?package-id=7f73b68f910cdd0a#jaeger", + "pkg:golang/go.opentelemetry.io/otel/exporters@v1.18.0?package-id=275d2a7a9904eb34#otlp/otlptrace/otlptracehttp", + "pkg:golang/go.opentelemetry.io/otel/exporters@v1.18.0?package-id=fadeb92ef19aa963#otlp/otlptrace", + "pkg:golang/go.opentelemetry.io/otel/metric@v1.18.0?package-id=6b10d32424dc5871", + "pkg:golang/go.opentelemetry.io/otel/sdk@v1.18.0?package-id=88494354bdc3d482", + "pkg:golang/go.opentelemetry.io/otel/trace@v1.18.0?package-id=5f8cb30e385fece4", + "pkg:golang/go.opentelemetry.io/otel@v1.18.0?package-id=7d2d1e068c1903f3", + "pkg:golang/go.opentelemetry.io/proto/otlp@v1.0.0?package-id=58a038610e05e5a2", + "pkg:golang/golang.org/x/crypto@v0.14.0?package-id=fe8b1f2529507404", + "pkg:golang/golang.org/x/exp@v0.0.0-20230905200255-921286631fa9?package-id=5ff481d1cc365cb0", + "pkg:golang/golang.org/x/net@v0.17.0?package-id=bb8b344cac5f000e", + "pkg:golang/golang.org/x/sync@v0.3.0?package-id=125c93fe051291e2", + "pkg:golang/golang.org/x/sys@v0.13.0?package-id=0da07d2c3f7ac7c1", + "pkg:golang/golang.org/x/text@v0.13.0?package-id=169fe487ffc20d4d", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20230822172742-b8732ec3820d?package-id=bf2cbf8dcf6742ac#rpc", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20230822172742-b8732ec3820d?package-id=f335d7a251a15090#api", + "pkg:golang/google.golang.org/grpc@v1.58.3?package-id=62b7d6e292ed5f84", + "pkg:golang/google.golang.org/protobuf@v1.31.0?package-id=edca9c7817ed48a6", + "pkg:golang/stdlib@1.20.14?package-id=59de593c67ed2519" ] - }, + } + ], + "vulnerabilities": [ { - "bom-ref": "urn:uuid:9b6afe9c-c684-4e6e-90b0-2ca666b66612", - "id": "CVE-2023-42366", + "bom-ref": "urn:uuid:f3d4728a-c2df-40fc-8d88-4034ab57354c", + "id": "CVE-2023-24531", "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24531" }, "references": [ { - "id": "CVE-2023-42366", + "id": "CVE-2023-24531", "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24531" } } ], "ratings": [ { - "severity": "medium" + "severity": "unknown" } ], + "description": "Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is relatively minor because, in general, if an attacker can set arbitrary environment variables on a system, they have better attack vectors than making \"go env\" print them out.", "advisories": [ { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" - } - ], - "affects": [ + "url": "https://go.dev/cl/488375" + }, { - "ref": "pkg:apk/alpine/busybox-binsh@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=10c99a42ed5bf9d4" - } - ] - }, - { - "bom-ref": "urn:uuid:a478631b-ede5-4698-bf42-e85282063c58", - "id": "CVE-2023-42366", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" - }, - "references": [ + "url": "https://go.dev/cl/493535" + }, { - "id": "CVE-2023-42366", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" - } - } - ], - "ratings": [ + "url": "https://go.dev/issue/58508" + }, { - "severity": "medium" - } - ], - "advisories": [ + "url": "https://groups.google.com/g/golang-dev/c/ixHOFpSbajE/m/8EjlbKVWAwAJ" + }, { - "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366" + "url": "https://pkg.go.dev/vuln/GO-2024-2962" } ], "affects": [ { - "ref": "pkg:apk/alpine/ssl_client@1.35.0-r29?arch=x86_64&upstream=busybox&distro=alpine-3.17.7&package-id=b37d6e2e45f66f33" + "ref": "pkg:golang/stdlib@1.20.14?package-id=59de593c67ed2519" } ] }, { - "bom-ref": "urn:uuid:1ed106b3-e11a-43da-a9c8-2b385a89b0c6", + "bom-ref": "urn:uuid:41e9e388-ddaa-48d1-8e1c-4183b886010f", "id": "CVE-2023-45288", "source": { "name": "nvd-cpe", @@ -5512,7 +5230,7 @@ ] }, { - "bom-ref": "urn:uuid:550b0ee6-8674-48e7-810d-11586a99a866", + "bom-ref": "urn:uuid:7ae7b98d-1a0d-431a-8465-8bf63134f52d", "id": "CVE-2023-45289", "source": { "name": "nvd-cpe", @@ -5560,7 +5278,7 @@ ] }, { - "bom-ref": "urn:uuid:9c5a1bfe-c1f2-4698-b5be-981a595a7d1d", + "bom-ref": "urn:uuid:9af74995-8c7d-460e-a4cf-aa2c6580a42e", "id": "CVE-2023-45290", "source": { "name": "nvd-cpe", @@ -5608,7 +5326,7 @@ ] }, { - "bom-ref": "urn:uuid:96d15422-9703-45bd-9bec-ebffff076e94", + "bom-ref": "urn:uuid:f76d10d3-8988-48b8-b5bd-95b589abc9f0", "id": "CVE-2024-0853", "source": { "name": "nvd-cpe", @@ -5654,12 +5372,12 @@ ], "affects": [ { - "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=84e74ed734ce02fc" + "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=84e74ed734ce02fc" } ] }, { - "bom-ref": "urn:uuid:d8d6253d-9c57-495b-8fc5-e5a6cf6d31ff", + "bom-ref": "urn:uuid:b7088fd5-0a1e-469d-8724-033470be9cba", "id": "CVE-2024-2004", "source": { "name": "nvd-cpe", @@ -5676,7 +5394,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 3.5, + "severity": "low", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "description": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.", @@ -5705,12 +5426,12 @@ ], "affects": [ { - "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=84e74ed734ce02fc" + "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=84e74ed734ce02fc" } ] }, { - "bom-ref": "urn:uuid:2275d311-46ba-42e2-b52e-1d8d8d0d7525", + "bom-ref": "urn:uuid:f4958fba-5b0d-49c4-823b-d995e283c4aa", "id": "CVE-2024-2398", "source": { "name": "nvd-cpe", @@ -5727,7 +5448,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 8.6, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "description": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.", @@ -5756,12 +5480,12 @@ ], "affects": [ { - "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=84e74ed734ce02fc" + "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=84e74ed734ce02fc" } ] }, { - "bom-ref": "urn:uuid:3b5c0f92-ecf0-4dad-8139-dee000e321e9", + "bom-ref": "urn:uuid:353f2f48-dfb9-4ae7-ad0e-6ca568e7c0cd", "id": "CVE-2024-2466", "source": { "name": "nvd-cpe", @@ -5801,12 +5525,12 @@ ], "affects": [ { - "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.7&package-id=84e74ed734ce02fc" + "ref": "pkg:apk/alpine/curl@8.5.0-r0?arch=x86_64&distro=alpine-3.17.8&package-id=84e74ed734ce02fc" } ] }, { - "bom-ref": "urn:uuid:c6b09230-b620-4ebf-b1a8-34557ae863fe", + "bom-ref": "urn:uuid:90262321-06db-4db3-9880-628b5c51a036", "id": "CVE-2024-24783", "source": { "name": "nvd-cpe", @@ -5854,7 +5578,7 @@ ] }, { - "bom-ref": "urn:uuid:dd5c9c85-cb3a-4f99-8610-fde24e1aec78", + "bom-ref": "urn:uuid:5537075c-ef20-422b-a308-21834350de5a", "id": "CVE-2024-24784", "source": { "name": "nvd-cpe", @@ -5902,7 +5626,7 @@ ] }, { - "bom-ref": "urn:uuid:10004849-c519-4536-b35d-8c4d1ec987aa", + "bom-ref": "urn:uuid:ea5e8ab4-4999-4ba8-8794-d8d2d612c851", "id": "CVE-2024-24785", "source": { "name": "nvd-cpe", @@ -5950,7 +5674,7 @@ ] }, { - "bom-ref": "urn:uuid:3a5f0f81-d454-495f-84ab-a3a6888187b0", + "bom-ref": "urn:uuid:4fcd6088-85d5-4e6c-88c9-297bd2048758", "id": "CVE-2024-24787", "source": { "name": "nvd-cpe", @@ -5967,7 +5691,10 @@ ], "ratings": [ { - "severity": "unknown" + "score": 6.4, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "description": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.", @@ -5998,7 +5725,7 @@ ] }, { - "bom-ref": "urn:uuid:7403b388-477f-427c-9fb5-8ec9422da386", + "bom-ref": "urn:uuid:401ac68e-5509-44af-a110-899ca23b5f4f", "id": "CVE-2024-24789", "source": { "name": "nvd-cpe", @@ -6019,6 +5746,12 @@ "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" + }, + { + "score": 5.3, + "severity": "medium", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "description": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.", @@ -6049,7 +5782,7 @@ ] }, { - "bom-ref": "urn:uuid:665db77a-8e66-413c-8607-d0e7ff0f6b3d", + "bom-ref": "urn:uuid:53611c59-2dd9-4f53-bbdd-f318b4cb04c3", "id": "CVE-2024-24790", "source": { "name": "nvd-cpe", @@ -6097,18 +5830,18 @@ ] }, { - "bom-ref": "urn:uuid:442b3d45-21ce-4c23-b376-088443589655", - "id": "CVE-2024-2511", + "bom-ref": "urn:uuid:675f81c6-ffe2-4e1d-91b1-2fda15327b94", + "id": "CVE-2024-24791", "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" }, "references": [ { - "id": "CVE-2024-2511", + "id": "CVE-2024-24791", "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511" + "name": "nvd-cpe", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" } } ], @@ -6117,51 +5850,29 @@ "severity": "unknown" } ], + "description": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.", "advisories": [ { - "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511" - } - ], - "affects": [ - { - "ref": "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789" - } - ] - }, - { - "bom-ref": "urn:uuid:a0caf536-fe0f-4b90-83e5-d7fb1ed5bca5", - "id": "CVE-2024-2511", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511" - }, - "references": [ + "url": "https://go.dev/cl/591255" + }, { - "id": "CVE-2024-2511", - "source": { - "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511" - } - } - ], - "ratings": [ + "url": "https://go.dev/issue/67555" + }, { - "severity": "unknown" - } - ], - "advisories": [ + "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ" + }, { - "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511" + "url": "https://pkg.go.dev/vuln/GO-2024-2963" } ], "affects": [ { - "ref": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a" + "ref": "pkg:golang/stdlib@1.20.14?package-id=59de593c67ed2519" } ] }, { - "bom-ref": "urn:uuid:d1dd36dd-4e24-43b6-9d7f-c80c6879830f", + "bom-ref": "urn:uuid:b1650bc7-c386-466b-84c3-faedf31d57ff", "id": "CVE-2024-28182", "source": { "name": "nvd-cpe", @@ -6213,23 +5924,23 @@ ], "affects": [ { - "ref": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.7&package-id=7da33116f1dfc9f0" + "ref": "pkg:apk/alpine/nghttp2-libs@1.51.0-r2?arch=x86_64&upstream=nghttp2&distro=alpine-3.17.8&package-id=7da33116f1dfc9f0" } ] }, { - "bom-ref": "urn:uuid:0e8d0ce9-769c-44f7-b20a-f17e3694d348", - "id": "CVE-2024-4603", + "bom-ref": "urn:uuid:a3f28480-165f-44cb-891f-562771042e0b", + "id": "CVE-2024-4741", "source": { "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603" + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" }, "references": [ { - "id": "CVE-2024-4603", + "id": "CVE-2024-4741", "source": { "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603" + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" } } ], @@ -6240,28 +5951,28 @@ ], "advisories": [ { - "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603" + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" } ], "affects": [ { - "ref": "pkg:apk/alpine/libcrypto3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=1dbdec7b5a8c9789" + "ref": "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1" } ] }, { - "bom-ref": "urn:uuid:fbeb76b6-1716-4a26-8dec-b50665332157", - "id": "CVE-2024-4603", + "bom-ref": "urn:uuid:7d64c248-60ad-4bd9-9deb-991456342613", + "id": "CVE-2024-4741", "source": { "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603" + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" }, "references": [ { - "id": "CVE-2024-4603", + "id": "CVE-2024-4741", "source": { "name": "alpine-distro-alpine-3.17", - "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603" + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" } } ], @@ -6272,17 +5983,81 @@ ], "advisories": [ { - "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603" + "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=40f5de0c9514d98e" + } + ] + }, + { + "bom-ref": "urn:uuid:e38ee2ca-80bf-4357-87bf-9d52b440089e", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + ], + "affects": [ + { + "ref": "pkg:apk/alpine/libcrypto3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=d7c2d608bef9ced1" + } + ] + }, + { + "bom-ref": "urn:uuid:4191c13d-81c5-464f-a5fa-855fce1ba61b", + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + }, + "references": [ + { + "id": "CVE-2024-5535", + "source": { + "name": "alpine-distro-alpine-3.17", + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" + } + } + ], + "ratings": [ + { + "severity": "critical" + } + ], + "advisories": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535" } ], "affects": [ { - "ref": "pkg:apk/alpine/libssl3@3.0.12-r4?arch=x86_64&upstream=openssl&distro=alpine-3.17.7&package-id=c7c847e89d4d479a" + "ref": "pkg:apk/alpine/libssl3@3.0.13-r0?arch=x86_64&upstream=openssl&distro=alpine-3.17.8&package-id=40f5de0c9514d98e" } ] }, { - "bom-ref": "urn:uuid:2c540846-ceb6-4cc5-b85e-e0b2654b29b8", + "bom-ref": "urn:uuid:bb13478b-39c4-4e4a-9918-7c4a5a5d421d", "id": "GHSA-45x7-px36-x8w8", "source": { "name": "github-language-go", @@ -6318,7 +6093,7 @@ ] }, { - "bom-ref": "urn:uuid:5b328c80-85af-48d2-b52f-c6e0c95b5701", + "bom-ref": "urn:uuid:86389530-4282-4c59-8cfb-ef34868003d9", "id": "GHSA-4v7x-pqxf-cx7m", "source": { "name": "github-language-go", @@ -6354,7 +6129,7 @@ ] }, { - "bom-ref": "urn:uuid:33940ab6-1089-4c35-bd80-e1db76d7b0ee", + "bom-ref": "urn:uuid:db1eae6d-1382-4b8b-9616-a297af8edeaf", "id": "GHSA-8r3f-844c-mc37", "source": { "name": "github-language-go", diff --git a/sboms/gcr.io_kubebuilder_kube-rbac-proxy:v0.14.1.json b/sboms/quay.io_brancz_kube-rbac-proxy:v0.18.0.json similarity index 50% rename from sboms/gcr.io_kubebuilder_kube-rbac-proxy:v0.14.1.json rename to sboms/quay.io_brancz_kube-rbac-proxy:v0.18.0.json index 4be1ca8..486f2c3 100644 --- a/sboms/gcr.io_kubebuilder_kube-rbac-proxy:v0.14.1.json +++ b/sboms/quay.io_brancz_kube-rbac-proxy:v0.18.0.json @@ -1,36 +1,36 @@ { - "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:098e14f6-7f96-4e77-8f61-e546c816689f", + "specVersion": "1.6", + "serialNumber": "urn:uuid:95ccc2fd-afa0-4515-a706-cf7ff84e8540", "version": 1, "metadata": { - "timestamp": "2024-06-28T10:54:19Z", + "timestamp": "2024-07-05T11:46:09Z", "tools": { "components": [ { "type": "application", "author": "anchore", "name": "grype", - "version": "0.78.0" + "version": "0.79.2" } ] }, "component": { - "bom-ref": "74ea34afc7468002", + "bom-ref": "986aea07a1768f17", "type": "container", - "name": "gcr.io/kubebuilder/kube-rbac-proxy:v0.14.1", - "version": "v0.14.1" + "name": "quay.io/brancz/kube-rbac-proxy:v0.18.0", + "version": "v0.18.0" }, "properties": null }, "components": [ { - "bom-ref": "pkg:deb/debian/base-files@11.1%2Bdeb11u6?arch=amd64&distro=debian-11&package-id=757fb0ea7fa0859e", + "bom-ref": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12&package-id=854ccee33785ad46", "type": "library", "publisher": "Santiago Vila ", "name": "base-files", - "version": "11.1+deb11u6", + "version": "12.4+deb12u5", "licenses": [ { "license": { @@ -38,8 +38,8 @@ } } ], - "cpe": "cpe:2.3:a:base-files:base-files:11.1\\+deb11u6:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/base-files@11.1%2Bdeb11u6?arch=amd64&distro=debian-11", + "cpe": "cpe:2.3:a:base-files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/base-files@12.4%2Bdeb12u5?arch=amd64&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -55,27 +55,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:11.1\\+deb11u6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base-files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:11.1\\+deb11u6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:11.1\\+deb11u6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base_files:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:11.1\\+deb11u6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base-files:12.4\\+deb12u5:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:11.1\\+deb11u6:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:base:base_files:12.4\\+deb12u5:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:d0157aa0c95a4cae128dab97d699b2f303c8bea46914dc4a40722411f50bb40e" + "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" }, { "name": "syft:location:0:path", @@ -83,7 +83,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:d0157aa0c95a4cae128dab97d699b2f303c8bea46914dc4a40722411f50bb40e" + "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" }, { "name": "syft:location:1:path", @@ -91,7 +91,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:d0157aa0c95a4cae128dab97d699b2f303c8bea46914dc4a40722411f50bb40e" + "value": "sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c" }, { "name": "syft:location:2:path", @@ -104,7 +104,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/nytimes/gziphandler@v1.1.1?package-id=8751ff898b95aeab", + "bom-ref": "pkg:golang/github.com/nytimes/gziphandler@v1.1.1?package-id=384cacf836d44684", "type": "library", "name": "github.com/NYTimes/gziphandler", "version": "v1.1.1", @@ -129,7 +129,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -141,7 +141,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -158,12 +158,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/puerkitobio/purell@v1.1.1?package-id=5f20ababb10b9e86", + "bom-ref": "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=f1cb50b3b6f1dd9b#runtime/Go/antlr/v4", "type": "library", - "name": "github.com/PuerkitoBio/purell", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:PuerkitoBio:purell:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/PuerkitoBio/purell@v1.1.1", + "name": "github.com/antlr/antlr4/runtime/Go/antlr/v4", + "version": "v4.0.0-20230305170008-8188dc5388df", + "cpe": "cpe:2.3:a:antlr:antlr4\\/runtime\\/Go\\/antlr\\/v4:v4.0.0-20230305170008-8188dc5388df:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df#runtime/Go/antlr/v4", "properties": [ { "name": "syft:package:foundBy", @@ -183,7 +183,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -195,7 +195,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -203,7 +203,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI=" + "value": "h1:7RFfzj4SSt6nnvCPbCqijJi1nWCd+TqAT3bYCStRC18=" }, { "name": "syft:metadata:mainModule", @@ -212,12 +212,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/puerkitobio/urlesc@v0.0.0-20170810143723-de5bf2ad4578?package-id=0a921ea4bc9aeaf9", + "bom-ref": "pkg:golang/github.com/asaskevich/govalidator@v0.0.0-20190424111038-f61b66f89f4a?package-id=89f5d442b0e0ad2d", "type": "library", - "name": "github.com/PuerkitoBio/urlesc", - "version": "v0.0.0-20170810143723-de5bf2ad4578", - "cpe": "cpe:2.3:a:PuerkitoBio:urlesc:v0.0.0-20170810143723-de5bf2ad4578:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/PuerkitoBio/urlesc@v0.0.0-20170810143723-de5bf2ad4578", + "name": "github.com/asaskevich/govalidator", + "version": "v0.0.0-20190424111038-f61b66f89f4a", + "cpe": "cpe:2.3:a:asaskevich:govalidator:v0.0.0-20190424111038-f61b66f89f4a:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/asaskevich/govalidator@v0.0.0-20190424111038-f61b66f89f4a", "properties": [ { "name": "syft:package:foundBy", @@ -237,7 +237,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -249,7 +249,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -257,7 +257,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M=" + "value": "h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA=" }, { "name": "syft:metadata:mainModule", @@ -266,7 +266,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=738bb4b3e0d10589", + "bom-ref": "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=f5726f00fd512995", "type": "library", "name": "github.com/beorn7/perks", "version": "v1.0.1", @@ -291,7 +291,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -303,7 +303,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -320,7 +320,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/blang/semver@v4.0.0?package-id=9d47e5bf29672dd4#v4", + "bom-ref": "pkg:golang/github.com/blang/semver@v4.0.0?package-id=1d90b0c6632a31f0#v4", "type": "library", "name": "github.com/blang/semver/v4", "version": "v4.0.0", @@ -345,7 +345,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -357,7 +357,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -374,12 +374,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.0.0-20230406173036-64a882c0af2e?package-id=2de8ab2b0b8d48c8", + "bom-ref": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.18.0?package-id=8a3ddcfafe1af740", "type": "library", "name": "github.com/brancz/kube-rbac-proxy", - "version": "v0.0.0-20230406173036-64a882c0af2e", - "cpe": "cpe:2.3:a:brancz:kube-rbac-proxy:v0.0.0-20230406173036-64a882c0af2e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.0.0-20230406173036-64a882c0af2e", + "version": "v0.18.0", + "cpe": "cpe:2.3:a:brancz:kube-rbac-proxy:v0.18.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.18.0", "properties": [ { "name": "syft:package:foundBy", @@ -399,11 +399,61 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:brancz:kube_rbac_proxy:v0.0.0-20230406173036-64a882c0af2e:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:brancz:kube_rbac_proxy:v0.18.0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" + }, + { + "name": "syft:location:0:path", + "value": "/usr/local/bin/kube-rbac-proxy" + }, + { + "name": "syft:metadata:architecture", + "value": "amd64" + }, + { + "name": "syft:metadata:goCompiledVersion", + "value": "go1.22.4" + }, + { + "name": "syft:metadata:goCryptoSettings:0", + "value": "standard-crypto" + }, + { + "name": "syft:metadata:mainModule", + "value": "github.com/brancz/kube-rbac-proxy" + } + ] + }, + { + "bom-ref": "pkg:golang/github.com/cenkalti/backoff@v4.2.1?package-id=cb54ede673ec69c8#v4", + "type": "library", + "name": "github.com/cenkalti/backoff/v4", + "version": "v4.2.1", + "cpe": "cpe:2.3:a:cenkalti:backoff\\/v4:v4.2.1:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/cenkalti/backoff@v4.2.1#v4", + "properties": [ + { + "name": "syft:package:foundBy", + "value": "go-module-binary-cataloger" + }, + { + "name": "syft:package:language", + "value": "go" + }, + { + "name": "syft:package:type", + "value": "go-module" + }, + { + "name": "syft:package:metadataType", + "value": "go-module-buildinfo-entry" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -415,12 +465,16 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", "value": "standard-crypto" }, + { + "name": "syft:metadata:h1Digest", + "value": "h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=" + }, { "name": "syft:metadata:mainModule", "value": "github.com/brancz/kube-rbac-proxy" @@ -428,12 +482,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/cespare/xxhash@v2.1.2?package-id=262a64f5542a9c1a#v2", + "bom-ref": "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=824702e827fd27d9#v2", "type": "library", "name": "github.com/cespare/xxhash/v2", - "version": "v2.1.2", - "cpe": "cpe:2.3:a:cespare:xxhash\\/v2:v2.1.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/cespare/xxhash@v2.1.2#v2", + "version": "v2.2.0", + "cpe": "cpe:2.3:a:cespare:xxhash\\/v2:v2.2.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/cespare/xxhash@v2.2.0#v2", "properties": [ { "name": "syft:package:foundBy", @@ -453,7 +507,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -465,7 +519,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -473,7 +527,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE=" + "value": "h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=" }, { "name": "syft:metadata:mainModule", @@ -482,12 +536,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/coreos/go-oidc@v2.1.0%2Bincompatible?package-id=6bb4a4fb0b116722", + "bom-ref": "pkg:golang/github.com/coreos/go-oidc@v2.2.1%2Bincompatible?package-id=bc2a78a640f08db8", "type": "library", "name": "github.com/coreos/go-oidc", - "version": "v2.1.0+incompatible", - "cpe": "cpe:2.3:a:coreos:go-oidc:v2.1.0\\+incompatible:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/coreos/go-oidc@v2.1.0%2Bincompatible", + "version": "v2.2.1+incompatible", + "cpe": "cpe:2.3:a:coreos:go-oidc:v2.2.1\\+incompatible:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/coreos/go-oidc@v2.2.1%2Bincompatible", "properties": [ { "name": "syft:package:foundBy", @@ -507,11 +561,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:coreos:go_oidc:v2.1.0\\+incompatible:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:coreos:go_oidc:v2.2.1\\+incompatible:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -523,7 +577,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -531,7 +585,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:sdJrfw8akMnCuUlaZU3tE/uYXFgfqom8DBE9so9EBsM=" + "value": "h1:mh48q/BqXqgjVHpy2ZY7WnWAbenxRjsz9N1i1YxjHAk=" }, { "name": "syft:metadata:mainModule", @@ -540,12 +594,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/coreos/go-semver@v0.3.0?package-id=e9569bcb6bd0d43e", + "bom-ref": "pkg:golang/github.com/coreos/go-semver@v0.3.1?package-id=8660cb49c48b1ba9", "type": "library", "name": "github.com/coreos/go-semver", - "version": "v0.3.0", - "cpe": "cpe:2.3:a:coreos:go-semver:v0.3.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/coreos/go-semver@v0.3.0", + "version": "v0.3.1", + "cpe": "cpe:2.3:a:coreos:go-semver:v0.3.1:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/coreos/go-semver@v0.3.1", "properties": [ { "name": "syft:package:foundBy", @@ -565,11 +619,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:coreos:go_semver:v0.3.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:coreos:go_semver:v0.3.1:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -581,7 +635,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -589,7 +643,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=" + "value": "h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=" }, { "name": "syft:metadata:mainModule", @@ -598,12 +652,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/coreos/go-systemd@v22.3.2?package-id=addfd5c1c4154d90#v22", + "bom-ref": "pkg:golang/github.com/coreos/go-systemd@v22.5.0?package-id=f44ea437a3ca140a#v22", "type": "library", "name": "github.com/coreos/go-systemd/v22", - "version": "v22.3.2", - "cpe": "cpe:2.3:a:coreos:go-systemd\\/v22:v22.3.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/coreos/go-systemd@v22.3.2#v22", + "version": "v22.5.0", + "cpe": "cpe:2.3:a:coreos:go-systemd\\/v22:v22.5.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/coreos/go-systemd@v22.5.0#v22", "properties": [ { "name": "syft:package:foundBy", @@ -623,11 +677,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:coreos:go_systemd\\/v22:v22.3.2:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:coreos:go_systemd\\/v22:v22.5.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -639,7 +693,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -647,7 +701,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:D9/bQk5vlXQFZ6Kwuu6zaiXJ9oTPe68++AzAJc1DzSI=" + "value": "h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs=" }, { "name": "syft:metadata:mainModule", @@ -656,7 +710,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=884db8423e706639", + "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=6513125f2a71811c", "type": "library", "name": "github.com/davecgh/go-spew", "version": "v1.1.1", @@ -685,7 +739,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -697,7 +751,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -714,12 +768,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.8.0?package-id=60ff78f2c031260e#v3", + "bom-ref": "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=5f1f77189968fa4a#v3", "type": "library", "name": "github.com/emicklei/go-restful/v3", - "version": "v3.8.0", - "cpe": "cpe:2.3:a:emicklei:go-restful\\/v3:v3.8.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/emicklei/go-restful@v3.8.0#v3", + "version": "v3.11.0", + "cpe": "cpe:2.3:a:emicklei:go-restful\\/v3:v3.11.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/emicklei/go-restful@v3.11.0#v3", "properties": [ { "name": "syft:package:foundBy", @@ -739,11 +793,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:emicklei:go_restful\\/v3:v3.8.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:emicklei:go_restful\\/v3:v3.11.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -755,7 +809,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -763,7 +817,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw=" + "value": "h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=" }, { "name": "syft:metadata:mainModule", @@ -772,7 +826,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/evanphx/json-patch@v4.12.0%2Bincompatible?package-id=b0acdaf786610784", + "bom-ref": "pkg:golang/github.com/evanphx/json-patch@v4.12.0%2Bincompatible?package-id=48d386865447e815", "type": "library", "name": "github.com/evanphx/json-patch", "version": "v4.12.0+incompatible", @@ -801,7 +855,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -813,7 +867,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -830,12 +884,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/felixge/httpsnoop@v1.0.1?package-id=0339294386a1b038", + "bom-ref": "pkg:golang/github.com/felixge/httpsnoop@v1.0.3?package-id=6b7bba2cef408770", "type": "library", "name": "github.com/felixge/httpsnoop", - "version": "v1.0.1", - "cpe": "cpe:2.3:a:felixge:httpsnoop:v1.0.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/felixge/httpsnoop@v1.0.1", + "version": "v1.0.3", + "cpe": "cpe:2.3:a:felixge:httpsnoop:v1.0.3:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/felixge/httpsnoop@v1.0.3", "properties": [ { "name": "syft:package:foundBy", @@ -855,7 +909,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -867,7 +921,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -875,7 +929,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ=" + "value": "h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=" }, { "name": "syft:metadata:mainModule", @@ -884,12 +938,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/fsnotify/fsnotify@v1.4.9?package-id=7c59e19f3def2ffd", + "bom-ref": "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=46e232902a20efd8", "type": "library", "name": "github.com/fsnotify/fsnotify", - "version": "v1.4.9", - "cpe": "cpe:2.3:a:fsnotify:fsnotify:v1.4.9:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/fsnotify/fsnotify@v1.4.9", + "version": "v1.7.0", + "cpe": "cpe:2.3:a:fsnotify:fsnotify:v1.7.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0", "properties": [ { "name": "syft:package:foundBy", @@ -909,7 +963,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -921,7 +975,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -929,7 +983,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=" + "value": "h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=" }, { "name": "syft:metadata:mainModule", @@ -938,7 +992,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/ghodss/yaml@v1.0.0?package-id=640942596433072e", + "bom-ref": "pkg:golang/github.com/ghodss/yaml@v1.0.0?package-id=541fed4dde49a4be", "type": "library", "name": "github.com/ghodss/yaml", "version": "v1.0.0", @@ -963,7 +1017,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -975,7 +1029,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -992,12 +1046,74 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.2.3?package-id=8737c419f432f223", + "bom-ref": "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=20c2e54e43417dff", "type": "library", "name": "github.com/go-logr/logr", - "version": "v1.2.3", - "cpe": "cpe:2.3:a:go-logr:logr:v1.2.3:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/go-logr/logr@v1.2.3", + "version": "v1.4.1", + "cpe": "cpe:2.3:a:go-logr:logr:v1.4.1:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/go-logr/logr@v1.4.1", + "properties": [ + { + "name": "syft:package:foundBy", + "value": "go-module-binary-cataloger" + }, + { + "name": "syft:package:language", + "value": "go" + }, + { + "name": "syft:package:type", + "value": "go-module" + }, + { + "name": "syft:package:metadataType", + "value": "go-module-buildinfo-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:go_logr:logr:v1.4.1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:go:logr:v1.4.1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" + }, + { + "name": "syft:location:0:path", + "value": "/usr/local/bin/kube-rbac-proxy" + }, + { + "name": "syft:metadata:architecture", + "value": "amd64" + }, + { + "name": "syft:metadata:goCompiledVersion", + "value": "go1.22.4" + }, + { + "name": "syft:metadata:goCryptoSettings:0", + "value": "standard-crypto" + }, + { + "name": "syft:metadata:h1Digest", + "value": "h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=" + }, + { + "name": "syft:metadata:mainModule", + "value": "github.com/brancz/kube-rbac-proxy" + } + ] + }, + { + "bom-ref": "pkg:golang/github.com/go-logr/stdr@v1.2.2?package-id=1329027e34f30dc4", + "type": "library", + "name": "github.com/go-logr/stdr", + "version": "v1.2.2", + "cpe": "cpe:2.3:a:go-logr:stdr:v1.2.2:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/go-logr/stdr@v1.2.2", "properties": [ { "name": "syft:package:foundBy", @@ -1017,15 +1133,15 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go_logr:logr:v1.2.3:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go_logr:stdr:v1.2.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go:logr:v1.2.3:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go:stdr:v1.2.2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1037,7 +1153,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1045,7 +1161,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=" + "value": "h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=" }, { "name": "syft:metadata:mainModule", @@ -1054,12 +1170,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.5?package-id=a518ea7442406b4e", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=500ebf29b917ebda", "type": "library", "name": "github.com/go-openapi/jsonpointer", - "version": "v0.19.5", - "cpe": "cpe:2.3:a:go-openapi:jsonpointer:v0.19.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.5", + "version": "v0.19.6", + "cpe": "cpe:2.3:a:go-openapi:jsonpointer:v0.19.6:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6", "properties": [ { "name": "syft:package:foundBy", @@ -1079,15 +1195,15 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go_openapi:jsonpointer:v0.19.5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go_openapi:jsonpointer:v0.19.6:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go:jsonpointer:v0.19.5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go:jsonpointer:v0.19.6:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1099,7 +1215,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1107,7 +1223,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY=" + "value": "h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=" }, { "name": "syft:metadata:mainModule", @@ -1116,12 +1232,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.19.5?package-id=9897316707badad5", + "bom-ref": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=46d34d24143b9284", "type": "library", "name": "github.com/go-openapi/jsonreference", - "version": "v0.19.5", - "cpe": "cpe:2.3:a:go-openapi:jsonreference:v0.19.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/go-openapi/jsonreference@v0.19.5", + "version": "v0.20.2", + "cpe": "cpe:2.3:a:go-openapi:jsonreference:v0.20.2:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2", "properties": [ { "name": "syft:package:foundBy", @@ -1141,15 +1257,15 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go_openapi:jsonreference:v0.19.5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go_openapi:jsonreference:v0.20.2:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go:jsonreference:v0.19.5:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go:jsonreference:v0.20.2:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1161,7 +1277,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1169,7 +1285,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:1WJP/wi4OjB4iV8KVbH73rQaoialJrqv8gitZLxGLtM=" + "value": "h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=" }, { "name": "syft:metadata:mainModule", @@ -1178,12 +1294,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.19.14?package-id=f8a8b6d0cc9e148a", + "bom-ref": "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=7567adc41613e065", "type": "library", "name": "github.com/go-openapi/swag", - "version": "v0.19.14", - "cpe": "cpe:2.3:a:go-openapi:swag:v0.19.14:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/go-openapi/swag@v0.19.14", + "version": "v0.22.3", + "cpe": "cpe:2.3:a:go-openapi:swag:v0.22.3:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/go-openapi/swag@v0.22.3", "properties": [ { "name": "syft:package:foundBy", @@ -1203,15 +1319,15 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go_openapi:swag:v0.19.14:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go_openapi:swag:v0.22.3:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:go:swag:v0.19.14:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:go:swag:v0.22.3:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1223,7 +1339,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1231,7 +1347,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng=" + "value": "h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=" }, { "name": "syft:metadata:mainModule", @@ -1240,7 +1356,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=7a8891ebf72bdb5d", + "bom-ref": "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=822a186e444fa173", "type": "library", "name": "github.com/gogo/protobuf", "version": "v1.3.2", @@ -1265,7 +1381,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1277,7 +1393,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1294,7 +1410,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=85f96e5c6f171034", + "bom-ref": "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=2a0136b89d5f9b9d", "type": "library", "name": "github.com/golang/groupcache", "version": "v0.0.0-20210331224755-41bb18bfe9da", @@ -1319,7 +1435,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1331,7 +1447,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1348,12 +1464,66 @@ ] }, { - "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.2?package-id=58698534e78717ca", + "bom-ref": "pkg:golang/github.com/golang/protobuf@v1.5.4?package-id=e2c230f9fb33a1f6", "type": "library", "name": "github.com/golang/protobuf", - "version": "v1.5.2", - "cpe": "cpe:2.3:a:golang:protobuf:v1.5.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/golang/protobuf@v1.5.2", + "version": "v1.5.4", + "cpe": "cpe:2.3:a:golang:protobuf:v1.5.4:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/golang/protobuf@v1.5.4", + "properties": [ + { + "name": "syft:package:foundBy", + "value": "go-module-binary-cataloger" + }, + { + "name": "syft:package:language", + "value": "go" + }, + { + "name": "syft:package:type", + "value": "go-module" + }, + { + "name": "syft:package:metadataType", + "value": "go-module-buildinfo-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" + }, + { + "name": "syft:location:0:path", + "value": "/usr/local/bin/kube-rbac-proxy" + }, + { + "name": "syft:metadata:architecture", + "value": "amd64" + }, + { + "name": "syft:metadata:goCompiledVersion", + "value": "go1.22.4" + }, + { + "name": "syft:metadata:goCryptoSettings:0", + "value": "standard-crypto" + }, + { + "name": "syft:metadata:h1Digest", + "value": "h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=" + }, + { + "name": "syft:metadata:mainModule", + "value": "github.com/brancz/kube-rbac-proxy" + } + ] + }, + { + "bom-ref": "pkg:golang/github.com/google/cel-go@v0.17.8?package-id=63c3851dfd0f39c4", + "type": "library", + "name": "github.com/google/cel-go", + "version": "v0.17.8", + "cpe": "cpe:2.3:a:google:cel-go:v0.17.8:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/google/cel-go@v0.17.8", "properties": [ { "name": "syft:package:foundBy", @@ -1371,9 +1541,13 @@ "name": "syft:package:metadataType", "value": "go-module-buildinfo-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:google:cel_go:v0.17.8:*:*:*:*:*:*:*" + }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1385,7 +1559,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1393,7 +1567,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=" + "value": "h1:j9m730pMZt1Fc4oKhCLUHfjj6527LuhYcYw0Rl8gqto=" }, { "name": "syft:metadata:mainModule", @@ -1402,12 +1576,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gnostic@v0.5.7-v3refs?package-id=072ef5726ee0350d", + "bom-ref": "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=68048a5fafb35985", "type": "library", - "name": "github.com/google/gnostic", - "version": "v0.5.7-v3refs", - "cpe": "cpe:2.3:a:google:gnostic:v0.5.7-v3refs:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/google/gnostic@v0.5.7-v3refs", + "name": "github.com/google/gnostic-models", + "version": "v0.6.8", + "cpe": "cpe:2.3:a:google:gnostic-models:v0.6.8:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/google/gnostic-models@v0.6.8", "properties": [ { "name": "syft:package:foundBy", @@ -1425,9 +1599,13 @@ "name": "syft:package:metadataType", "value": "go-module-buildinfo-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:google:gnostic_models:v0.6.8:*:*:*:*:*:*:*" + }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1439,7 +1617,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1447,7 +1625,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54=" + "value": "h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I=" }, { "name": "syft:metadata:mainModule", @@ -1456,12 +1634,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.5.9?package-id=188aaf3cc8162c8c", + "bom-ref": "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=4fd5133b6c40abee", "type": "library", "name": "github.com/google/go-cmp", - "version": "v0.5.9", - "cpe": "cpe:2.3:a:google:go-cmp:v0.5.9:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/google/go-cmp@v0.5.9", + "version": "v0.6.0", + "cpe": "cpe:2.3:a:google:go-cmp:v0.6.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/google/go-cmp@v0.6.0", "properties": [ { "name": "syft:package:foundBy", @@ -1481,11 +1659,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:google:go_cmp:v0.5.9:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:google:go_cmp:v0.6.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1497,7 +1675,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1505,7 +1683,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=" + "value": "h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=" }, { "name": "syft:metadata:mainModule", @@ -1514,12 +1692,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.1.0?package-id=283073c05cbfb281", + "bom-ref": "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=2ca657cc02076e41", "type": "library", "name": "github.com/google/gofuzz", - "version": "v1.1.0", - "cpe": "cpe:2.3:a:google:gofuzz:v1.1.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/google/gofuzz@v1.1.0", + "version": "v1.2.0", + "cpe": "cpe:2.3:a:google:gofuzz:v1.2.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/google/gofuzz@v1.2.0", "properties": [ { "name": "syft:package:foundBy", @@ -1539,7 +1717,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1551,7 +1729,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1559,7 +1737,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=" + "value": "h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=" }, { "name": "syft:metadata:mainModule", @@ -1568,12 +1746,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/google/uuid@v1.1.2?package-id=904139e6cc7f7bf6", + "bom-ref": "pkg:golang/github.com/google/uuid@v1.6.0?package-id=9f924960c2ad2823", "type": "library", "name": "github.com/google/uuid", - "version": "v1.1.2", - "cpe": "cpe:2.3:a:google:uuid:v1.1.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/google/uuid@v1.1.2", + "version": "v1.6.0", + "cpe": "cpe:2.3:a:google:uuid:v1.6.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/google/uuid@v1.6.0", "properties": [ { "name": "syft:package:foundBy", @@ -1593,7 +1771,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1605,7 +1783,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1613,7 +1791,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=" + "value": "h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=" }, { "name": "syft:metadata:mainModule", @@ -1622,7 +1800,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/grpc-ecosystem/go-grpc-prometheus@v1.2.0?package-id=dd1ae26f27702818", + "bom-ref": "pkg:golang/github.com/grpc-ecosystem/go-grpc-prometheus@v1.2.0?package-id=1f168dfac7cdb0b7", "type": "library", "name": "github.com/grpc-ecosystem/go-grpc-prometheus", "version": "v1.2.0", @@ -1667,7 +1845,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1679,7 +1857,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1696,12 +1874,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/grpc-ecosystem/grpc-gateway@v1.16.0?package-id=ba6afe8c47e74e87", + "bom-ref": "pkg:golang/github.com/grpc-ecosystem/grpc-gateway@v2.16.0?package-id=ed503c1215763928#v2", "type": "library", - "name": "github.com/grpc-ecosystem/grpc-gateway", - "version": "v1.16.0", - "cpe": "cpe:2.3:a:grpc-ecosystem:grpc-gateway:v1.16.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/grpc-ecosystem/grpc-gateway@v1.16.0", + "name": "github.com/grpc-ecosystem/grpc-gateway/v2", + "version": "v2.16.0", + "cpe": "cpe:2.3:a:grpc-ecosystem:grpc-gateway\\/v2:v2.16.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/grpc-ecosystem/grpc-gateway@v2.16.0#v2", "properties": [ { "name": "syft:package:foundBy", @@ -1721,27 +1899,27 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:grpc-ecosystem:grpc_gateway:v1.16.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:grpc-ecosystem:grpc_gateway\\/v2:v2.16.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:grpc_ecosystem:grpc-gateway:v1.16.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:grpc_ecosystem:grpc-gateway\\/v2:v2.16.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:grpc_ecosystem:grpc_gateway:v1.16.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:grpc_ecosystem:grpc_gateway\\/v2:v2.16.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:grpc:grpc-gateway:v1.16.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:grpc:grpc-gateway\\/v2:v2.16.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:grpc:grpc_gateway:v1.16.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:grpc:grpc_gateway\\/v2:v2.16.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1753,7 +1931,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1761,7 +1939,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo=" + "value": "h1:YBftPWNWd4WwGqtY2yeZL2ef8rHAxPBD8KFhJpmcqms=" }, { "name": "syft:metadata:mainModule", @@ -1770,7 +1948,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/imdario/mergo@v0.3.6?package-id=bdcf12d592098427", + "bom-ref": "pkg:golang/github.com/imdario/mergo@v0.3.6?package-id=8b8b3a661a9945e2", "type": "library", "name": "github.com/imdario/mergo", "version": "v0.3.6", @@ -1795,7 +1973,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1807,7 +1985,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1824,7 +2002,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=e7ae38ed1de69b88", + "bom-ref": "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=a6cef9deea27a281", "type": "library", "name": "github.com/josharian/intern", "version": "v1.0.0", @@ -1849,7 +2027,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1861,7 +2039,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1878,7 +2056,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=871c10e2521faa37", + "bom-ref": "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=2c916e0a1147318e", "type": "library", "name": "github.com/json-iterator/go", "version": "v1.1.12", @@ -1911,7 +2089,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1923,7 +2101,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1940,12 +2118,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.6?package-id=14c115e9a2eb3646", + "bom-ref": "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=0a3743333d2f43e8", "type": "library", "name": "github.com/mailru/easyjson", - "version": "v0.7.6", - "cpe": "cpe:2.3:a:mailru:easyjson:v0.7.6:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mailru/easyjson@v0.7.6", + "version": "v0.7.7", + "cpe": "cpe:2.3:a:mailru:easyjson:v0.7.7:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/mailru/easyjson@v0.7.7", "properties": [ { "name": "syft:package:foundBy", @@ -1965,7 +2143,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -1977,7 +2155,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -1985,7 +2163,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA=" + "value": "h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=" }, { "name": "syft:metadata:mainModule", @@ -1994,12 +2172,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.1?package-id=b698b6cf282027a7", + "bom-ref": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.4?package-id=5e5336dee115cd48", "type": "library", "name": "github.com/matttproud/golang_protobuf_extensions", - "version": "v1.0.1", - "cpe": "cpe:2.3:a:matttproud:golang-protobuf-extensions:v1.0.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.1", + "version": "v1.0.4", + "cpe": "cpe:2.3:a:matttproud:golang-protobuf-extensions:v1.0.4:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.4", "properties": [ { "name": "syft:package:foundBy", @@ -2019,11 +2197,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:matttproud:golang_protobuf_extensions:v1.0.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:matttproud:golang_protobuf_extensions:v1.0.4:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2035,7 +2213,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2043,7 +2221,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=" + "value": "h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=" }, { "name": "syft:metadata:mainModule", @@ -2052,12 +2230,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/moby/term@v0.0.0-20210619224110-3f7ff695adc6?package-id=c937b82b173243ca", + "bom-ref": "pkg:golang/github.com/moby/term@v0.0.0-20221205130635-1aeaba878587?package-id=7f8b602eddddc309", "type": "library", "name": "github.com/moby/term", - "version": "v0.0.0-20210619224110-3f7ff695adc6", - "cpe": "cpe:2.3:a:moby:term:v0.0.0-20210619224110-3f7ff695adc6:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/moby/term@v0.0.0-20210619224110-3f7ff695adc6", + "version": "v0.0.0-20221205130635-1aeaba878587", + "cpe": "cpe:2.3:a:moby:term:v0.0.0-20221205130635-1aeaba878587:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/moby/term@v0.0.0-20221205130635-1aeaba878587", "properties": [ { "name": "syft:package:foundBy", @@ -2077,7 +2255,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2089,7 +2267,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2097,7 +2275,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:dcztxKSvZ4Id8iPpHERQBbIJfabdt4wUm5qy3wOL2Zc=" + "value": "h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA=" }, { "name": "syft:metadata:mainModule", @@ -2106,7 +2284,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=89ec204ff279134a", + "bom-ref": "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=3ec06eefd42b1775", "type": "library", "name": "github.com/modern-go/concurrent", "version": "v0.0.0-20180306012644-bacd9c7ef1dd", @@ -2139,7 +2317,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2151,7 +2329,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2168,7 +2346,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=8dabf364b7516321", + "bom-ref": "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=05696812fac1fc7b", "type": "library", "name": "github.com/modern-go/reflect2", "version": "v1.0.2", @@ -2201,7 +2379,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2213,7 +2391,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2230,7 +2408,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=81e8f3104ffa71b4", + "bom-ref": "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=02ea5c3d1bb2c247", "type": "library", "name": "github.com/munnerz/goautoneg", "version": "v0.0.0-20191010083416-a7dc8b61c822", @@ -2255,7 +2433,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2267,7 +2445,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2284,7 +2462,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/oklog/run@v1.1.0?package-id=3d6a1958f4e142fa", + "bom-ref": "pkg:golang/github.com/oklog/run@v1.1.0?package-id=9faa1b1e5cf18c5c", "type": "library", "name": "github.com/oklog/run", "version": "v1.1.0", @@ -2309,7 +2487,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2321,7 +2499,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2338,7 +2516,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=6786fc9c98ea82af", + "bom-ref": "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=91f932bce2ada932", "type": "library", "name": "github.com/pkg/errors", "version": "v0.9.1", @@ -2363,7 +2541,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2375,7 +2553,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2392,7 +2570,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/pquerna/cachecontrol@v0.1.0?package-id=37a7fe88bec1b2e9", + "bom-ref": "pkg:golang/github.com/pquerna/cachecontrol@v0.1.0?package-id=2cf52c7277900151", "type": "library", "name": "github.com/pquerna/cachecontrol", "version": "v0.1.0", @@ -2417,7 +2595,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2429,7 +2607,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2446,12 +2624,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/client_golang@v1.12.1?package-id=5da930e31ddada32", + "bom-ref": "pkg:golang/github.com/prometheus/client_golang@v1.16.0?package-id=463d2a489a181e05", "type": "library", "name": "github.com/prometheus/client_golang", - "version": "v1.12.1", - "cpe": "cpe:2.3:a:prometheus:client-golang:v1.12.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/prometheus/client_golang@v1.12.1", + "version": "v1.16.0", + "cpe": "cpe:2.3:a:prometheus:client-golang:v1.16.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/prometheus/client_golang@v1.16.0", "properties": [ { "name": "syft:package:foundBy", @@ -2471,11 +2649,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus:client_golang:v1.12.1:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus:client_golang:v1.16.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2487,7 +2665,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2495,7 +2673,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:ZiaPsmm9uiBeaSMRznKsCDNtPCS0T3JVDGF+06gjBzk=" + "value": "h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8=" }, { "name": "syft:metadata:mainModule", @@ -2504,12 +2682,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/client_model@v0.2.0?package-id=5a2fec74d139a2c7", + "bom-ref": "pkg:golang/github.com/prometheus/client_model@v0.4.0?package-id=df6c595458c29a1b", "type": "library", "name": "github.com/prometheus/client_model", - "version": "v0.2.0", - "cpe": "cpe:2.3:a:prometheus:client-model:v0.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/prometheus/client_model@v0.2.0", + "version": "v0.4.0", + "cpe": "cpe:2.3:a:prometheus:client-model:v0.4.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/prometheus/client_model@v0.4.0", "properties": [ { "name": "syft:package:foundBy", @@ -2529,11 +2707,11 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:prometheus:client_model:v0.2.0:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:prometheus:client_model:v0.4.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2545,7 +2723,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2553,7 +2731,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=" + "value": "h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY=" }, { "name": "syft:metadata:mainModule", @@ -2562,12 +2740,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/common@v0.32.1?package-id=2944bc99bf9814ba", + "bom-ref": "pkg:golang/github.com/prometheus/common@v0.44.0?package-id=5a6935305e5d83e3", "type": "library", "name": "github.com/prometheus/common", - "version": "v0.32.1", - "cpe": "cpe:2.3:a:prometheus:common:v0.32.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/prometheus/common@v0.32.1", + "version": "v0.44.0", + "cpe": "cpe:2.3:a:prometheus:common:v0.44.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/prometheus/common@v0.44.0", "properties": [ { "name": "syft:package:foundBy", @@ -2587,7 +2765,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2599,7 +2777,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2607,7 +2785,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:hWIdL3N2HoUx3B8j3YN9mWor0qhY/NlEKZEaXxuIRh4=" + "value": "h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY=" }, { "name": "syft:metadata:mainModule", @@ -2616,12 +2794,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/prometheus/procfs@v0.7.3?package-id=1c250313a26a30bc", + "bom-ref": "pkg:golang/github.com/prometheus/procfs@v0.10.1?package-id=9da87a34824dc9aa", "type": "library", "name": "github.com/prometheus/procfs", - "version": "v0.7.3", - "cpe": "cpe:2.3:a:prometheus:procfs:v0.7.3:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/prometheus/procfs@v0.7.3", + "version": "v0.10.1", + "cpe": "cpe:2.3:a:prometheus:procfs:v0.10.1:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/prometheus/procfs@v0.10.1", "properties": [ { "name": "syft:package:foundBy", @@ -2641,7 +2819,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2653,7 +2831,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2661,7 +2839,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:4jVXhlkAyzOScmCkXBTOLRLTz8EeU+eyjrwB/EPq0VU=" + "value": "h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg=" }, { "name": "syft:metadata:mainModule", @@ -2670,12 +2848,12 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.6.1?package-id=b77de72e37d8332e", + "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=1738ba29404498e0", "type": "library", "name": "github.com/spf13/cobra", - "version": "v1.6.1", - "cpe": "cpe:2.3:a:spf13:cobra:v1.6.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/cobra@v1.6.1", + "version": "v1.8.0", + "cpe": "cpe:2.3:a:spf13:cobra:v1.8.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/spf13/cobra@v1.8.0", "properties": [ { "name": "syft:package:foundBy", @@ -2695,7 +2873,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2707,7 +2885,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2715,7 +2893,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=" + "value": "h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=" }, { "name": "syft:metadata:mainModule", @@ -2724,7 +2902,7 @@ ] }, { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=1ead55b9c1bb9176", + "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=ba3964c3cf85ff6c", "type": "library", "name": "github.com/spf13/pflag", "version": "v1.0.5", @@ -2749,7 +2927,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2761,7 +2939,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2778,12 +2956,12 @@ ] }, { - "bom-ref": "pkg:golang/go.etcd.io/etcd/api@v3.5.4?package-id=782669f335032608#v3", + "bom-ref": "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=4ca4ba502d23ab2c", "type": "library", - "name": "go.etcd.io/etcd/api/v3", - "version": "v3.5.4", - "cpe": "cpe:2.3:a:etcd:api\\/v3:v3.5.4:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.etcd.io/etcd/api@v3.5.4#v3", + "name": "github.com/stoewer/go-strcase", + "version": "v1.2.0", + "cpe": "cpe:2.3:a:stoewer:go-strcase:v1.2.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/github.com/stoewer/go-strcase@v1.2.0", "properties": [ { "name": "syft:package:foundBy", @@ -2801,9 +2979,13 @@ "name": "syft:package:metadataType", "value": "go-module-buildinfo-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:stoewer:go_strcase:v1.2.0:*:*:*:*:*:*:*" + }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2815,7 +2997,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2823,7 +3005,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:OHVyt3TopwtUQ2GKdd5wu3PmmipR4FTwCqoEjSyRdIc=" + "value": "h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU=" }, { "name": "syft:metadata:mainModule", @@ -2832,12 +3014,12 @@ ] }, { - "bom-ref": "pkg:golang/go.etcd.io/etcd/client@v3.5.4?package-id=18ac73a152c7f5b4#pkg/v3", + "bom-ref": "pkg:golang/go.etcd.io/etcd/api@v3.5.10?package-id=115846bda1c64dea#v3", "type": "library", - "name": "go.etcd.io/etcd/client/pkg/v3", - "version": "v3.5.4", - "cpe": "cpe:2.3:a:etcd:client\\/pkg\\/v3:v3.5.4:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.etcd.io/etcd/client@v3.5.4#pkg/v3", + "name": "go.etcd.io/etcd/api/v3", + "version": "v3.5.10", + "cpe": "cpe:2.3:a:etcd:api\\/v3:v3.5.10:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.etcd.io/etcd/api@v3.5.10#v3", "properties": [ { "name": "syft:package:foundBy", @@ -2857,7 +3039,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2869,7 +3051,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2877,7 +3059,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:lrneYvz923dvC14R54XcA7FXoZ3mlGZAgmwhfm7HqOg=" + "value": "h1:szRajuUUbLyppkhs9K6BRtjY37l66XQQmw7oZRANE4k=" }, { "name": "syft:metadata:mainModule", @@ -2886,12 +3068,12 @@ ] }, { - "bom-ref": "pkg:golang/go.etcd.io/etcd/client@v3.5.4?package-id=3759f280b5e85196#v3", + "bom-ref": "pkg:golang/go.etcd.io/etcd/client@v3.5.10?package-id=22bf51a802b96de4#pkg/v3", "type": "library", - "name": "go.etcd.io/etcd/client/v3", - "version": "v3.5.4", - "cpe": "cpe:2.3:a:etcd:client\\/v3:v3.5.4:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.etcd.io/etcd/client@v3.5.4#v3", + "name": "go.etcd.io/etcd/client/pkg/v3", + "version": "v3.5.10", + "cpe": "cpe:2.3:a:etcd:client\\/pkg\\/v3:v3.5.10:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.etcd.io/etcd/client@v3.5.10#pkg/v3", "properties": [ { "name": "syft:package:foundBy", @@ -2911,7 +3093,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2923,7 +3105,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2931,7 +3113,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:p83BUL3tAYS0OT/r0qglgc3M1JjhM0diV8DSWAhVXv4=" + "value": "h1:kfYIdQftBnbAq8pUWFXfpuuxFSKzlmM5cSn76JByiT0=" }, { "name": "syft:metadata:mainModule", @@ -2940,11 +3122,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0?package-id=cc19123ecbebe2ff", + "bom-ref": "pkg:golang/go.etcd.io/etcd/client@v3.5.10?package-id=576965389fa29e31#v3", "type": "library", - "name": "go.opentelemetry.io/contrib", - "version": "v0.20.0", - "purl": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0", + "name": "go.etcd.io/etcd/client/v3", + "version": "v3.5.10", + "cpe": "cpe:2.3:a:etcd:client\\/v3:v3.5.10:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.etcd.io/etcd/client@v3.5.10#v3", "properties": [ { "name": "syft:package:foundBy", @@ -2964,7 +3147,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -2976,7 +3159,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -2984,7 +3167,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:ubFQUn0VCZ0gPwIoJfBJVpeBlyRMxu8Mm/huKWYd9p0=" + "value": "h1:W9TXNZ+oB3MCd/8UjxHTWK5J9Nquw9fQBLJd5ne5/Ao=" }, { "name": "syft:metadata:mainModule", @@ -2993,12 +3176,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.20.0?package-id=fb2d217f071b91d6#googlegolangorg/grpc/otelgrpc", + "bom-ref": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.51.0?package-id=0a49a367ed048d55#googlegolangorg/grpc/otelgrpc", "type": "library", "name": "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:contrib:instrumentation\\/google.golang.org\\/grpc\\/otelgrpc:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.20.0#google.golang.org/grpc/otelgrpc", + "version": "v0.51.0", + "cpe": "cpe:2.3:a:contrib:instrumentation\\/google.golang.org\\/grpc\\/otelgrpc:v0.51.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.51.0#google.golang.org/grpc/otelgrpc", "properties": [ { "name": "syft:package:foundBy", @@ -3018,7 +3201,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3030,7 +3213,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3038,7 +3221,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:sO4WKdPAudZGKPcpZT4MJn6JaDmpyLrMPDGGyA1SttE=" + "value": "h1:A3SayB3rNyt+1S6qpI9mHPkeHTZbD7XILEqWnYZb2l0=" }, { "name": "syft:metadata:mainModule", @@ -3047,12 +3230,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.20.0?package-id=a7a92643080fccf6#net/http/otelhttp", + "bom-ref": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.44.0?package-id=b1684f001ee6da00#net/http/otelhttp", "type": "library", "name": "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:contrib:instrumentation\\/net\\/http\\/otelhttp:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.20.0#net/http/otelhttp", + "version": "v0.44.0", + "cpe": "cpe:2.3:a:contrib:instrumentation\\/net\\/http\\/otelhttp:v0.44.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.44.0#net/http/otelhttp", "properties": [ { "name": "syft:package:foundBy", @@ -3072,7 +3255,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3084,7 +3267,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3092,7 +3275,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:Q3C9yzW6I9jqEc8sawxzxZmY48fs9u220KXq6d5s3XU=" + "value": "h1:KfYpVmrjI7JuToy5k8XV3nkapjWx48k4E4JOtVstzQI=" }, { "name": "syft:metadata:mainModule", @@ -3101,11 +3284,11 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/otel@v0.20.0?package-id=86352906227ebba2", + "bom-ref": "pkg:golang/go.opentelemetry.io/otel@v1.26.0?package-id=b9fedfe4b8016fdb", "type": "library", "name": "go.opentelemetry.io/otel", - "version": "v0.20.0", - "purl": "pkg:golang/go.opentelemetry.io/otel@v0.20.0", + "version": "v1.26.0", + "purl": "pkg:golang/go.opentelemetry.io/otel@v1.26.0", "properties": [ { "name": "syft:package:foundBy", @@ -3125,7 +3308,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3137,7 +3320,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3145,7 +3328,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:eaP0Fqu7SXHwvjiqDq83zImeehOHX8doTvU9AwXON8g=" + "value": "h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs=" }, { "name": "syft:metadata:mainModule", @@ -3154,12 +3337,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/otel/exporters@v0.20.0?package-id=9c0b7c50045b097a#otlp", + "bom-ref": "pkg:golang/go.opentelemetry.io/otel/exporters@v1.19.0?package-id=da782a96a963225e#otlp/otlptrace", "type": "library", - "name": "go.opentelemetry.io/otel/exporters/otlp", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:otel:exporters\\/otlp:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/otel/exporters@v0.20.0#otlp", + "name": "go.opentelemetry.io/otel/exporters/otlp/otlptrace", + "version": "v1.19.0", + "cpe": "cpe:2.3:a:otel:exporters\\/otlp\\/otlptrace:v1.19.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/otel/exporters@v1.19.0#otlp/otlptrace", "properties": [ { "name": "syft:package:foundBy", @@ -3179,7 +3362,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3191,7 +3374,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3199,7 +3382,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:PTNgq9MRmQqqJY0REVbZFvwkYOA85vbdQU/nVfxDyqg=" + "value": "h1:Mne5On7VWdx7omSrSSZvM4Kw7cS7NQkOOmLcgscI51U=" }, { "name": "syft:metadata:mainModule", @@ -3208,12 +3391,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/otel/metric@v0.20.0?package-id=f28c9e0faac5c83e", + "bom-ref": "pkg:golang/go.opentelemetry.io/otel/exporters@v1.19.0?package-id=c6eb98e5b02740fa#otlp/otlptrace/otlptracegrpc", "type": "library", - "name": "go.opentelemetry.io/otel/metric", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:otel:metric:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/otel/metric@v0.20.0", + "name": "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc", + "version": "v1.19.0", + "cpe": "cpe:2.3:a:otel:exporters\\/otlp\\/otlptrace\\/otlptracegrpc:v1.19.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/otel/exporters@v1.19.0#otlp/otlptrace/otlptracegrpc", "properties": [ { "name": "syft:package:foundBy", @@ -3233,7 +3416,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3245,7 +3428,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3253,7 +3436,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:4kzhXFP+btKm4jwxpjIqjs41A7MakRFUS86bqLHTIw8=" + "value": "h1:3d+S281UTjM+AbF31XSOYn1qXn3BgIdWl8HNEpx08Jk=" }, { "name": "syft:metadata:mainModule", @@ -3262,12 +3445,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/otel/sdk@v0.20.0?package-id=885d2272b0287c58", + "bom-ref": "pkg:golang/go.opentelemetry.io/otel/metric@v1.26.0?package-id=59f5203fab379b1a", "type": "library", - "name": "go.opentelemetry.io/otel/sdk", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:otel:sdk:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/otel/sdk@v0.20.0", + "name": "go.opentelemetry.io/otel/metric", + "version": "v1.26.0", + "cpe": "cpe:2.3:a:otel:metric:v1.26.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/otel/metric@v1.26.0", "properties": [ { "name": "syft:package:foundBy", @@ -3287,7 +3470,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3299,7 +3482,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3307,7 +3490,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:JsxtGXd06J8jrnya7fdI/U/MR6yXA5DtbZy+qoHQlr8=" + "value": "h1:7S39CLuY5Jgg9CrnA9HHiEjGMF/X2VHvoXGgSllRz30=" }, { "name": "syft:metadata:mainModule", @@ -3316,12 +3499,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/otel/sdk@v0.20.0?package-id=5210f75b0e6df851#export/metric", + "bom-ref": "pkg:golang/go.opentelemetry.io/otel/sdk@v1.26.0?package-id=ed3e2be0890e33f2", "type": "library", - "name": "go.opentelemetry.io/otel/sdk/export/metric", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:otel:sdk\\/export\\/metric:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/otel/sdk@v0.20.0#export/metric", + "name": "go.opentelemetry.io/otel/sdk", + "version": "v1.26.0", + "cpe": "cpe:2.3:a:otel:sdk:v1.26.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/otel/sdk@v1.26.0", "properties": [ { "name": "syft:package:foundBy", @@ -3341,7 +3524,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3353,7 +3536,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3361,7 +3544,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:c5VRjxCXdQlx1HjzwGdQHzZaVI82b5EbBgOu2ljD92g=" + "value": "h1:Y7bumHf5tAiDlRYFmGqetNcLaVUZmh4iYfmGxtmz7F8=" }, { "name": "syft:metadata:mainModule", @@ -3370,12 +3553,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/otel/sdk@v0.20.0?package-id=4b52ccfe472c7f24#metric", + "bom-ref": "pkg:golang/go.opentelemetry.io/otel/trace@v1.26.0?package-id=235396930a36a58d", "type": "library", - "name": "go.opentelemetry.io/otel/sdk/metric", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:otel:sdk\\/metric:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/otel/sdk@v0.20.0#metric", + "name": "go.opentelemetry.io/otel/trace", + "version": "v1.26.0", + "cpe": "cpe:2.3:a:otel:trace:v1.26.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/otel/trace@v1.26.0", "properties": [ { "name": "syft:package:foundBy", @@ -3395,7 +3578,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3407,7 +3590,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3415,7 +3598,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:7ao1wpzHRVKf0OQ7GIxiQJA6X7DLX9o14gmVon7mMK8=" + "value": "h1:1ieeAUb4y0TE26jUFrCIXKpTuVK7uJGN9/Z/2LP5sQA=" }, { "name": "syft:metadata:mainModule", @@ -3424,12 +3607,12 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/otel/trace@v0.20.0?package-id=f908e44b012ba74a", + "bom-ref": "pkg:golang/go.opentelemetry.io/proto/otlp@v1.0.0?package-id=87c45baa09a3ed84", "type": "library", - "name": "go.opentelemetry.io/otel/trace", - "version": "v0.20.0", - "cpe": "cpe:2.3:a:otel:trace:v0.20.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/otel/trace@v0.20.0", + "name": "go.opentelemetry.io/proto/otlp", + "version": "v1.0.0", + "cpe": "cpe:2.3:a:proto:otlp:v1.0.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/go.opentelemetry.io/proto/otlp@v1.0.0", "properties": [ { "name": "syft:package:foundBy", @@ -3449,7 +3632,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3461,7 +3644,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3469,7 +3652,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:1DL6EXUdcg95gukhuRRvLDO/4X5THh/5dIV52lqtnbw=" + "value": "h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I=" }, { "name": "syft:metadata:mainModule", @@ -3478,12 +3661,11 @@ ] }, { - "bom-ref": "pkg:golang/go.opentelemetry.io/proto/otlp@v0.7.0?package-id=5617ecd97dbf7569", + "bom-ref": "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=3ba4e2d7cd517b9d", "type": "library", - "name": "go.opentelemetry.io/proto/otlp", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:proto:otlp:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/go.opentelemetry.io/proto/otlp@v0.7.0", + "name": "go.uber.org/multierr", + "version": "v1.11.0", + "purl": "pkg:golang/go.uber.org/multierr@v1.11.0", "properties": [ { "name": "syft:package:foundBy", @@ -3503,7 +3685,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3515,7 +3697,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3523,7 +3705,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:rwOQPCuKAKmwGKq2aVNnYIibI6wnV7EvzgfTCzcdGg8=" + "value": "h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=" }, { "name": "syft:metadata:mainModule", @@ -3532,11 +3714,11 @@ ] }, { - "bom-ref": "pkg:golang/go.uber.org/atomic@v1.7.0?package-id=eefe3d7e94462b8d", + "bom-ref": "pkg:golang/go.uber.org/zap@v1.26.0?package-id=0b0dd2562eaef8ad", "type": "library", - "name": "go.uber.org/atomic", - "version": "v1.7.0", - "purl": "pkg:golang/go.uber.org/atomic@v1.7.0", + "name": "go.uber.org/zap", + "version": "v1.26.0", + "purl": "pkg:golang/go.uber.org/zap@v1.26.0", "properties": [ { "name": "syft:package:foundBy", @@ -3556,7 +3738,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3568,7 +3750,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3576,7 +3758,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=" + "value": "h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=" }, { "name": "syft:metadata:mainModule", @@ -3585,11 +3767,12 @@ ] }, { - "bom-ref": "pkg:golang/go.uber.org/multierr@v1.6.0?package-id=20d5fdb9817289b6", + "bom-ref": "pkg:golang/golang.org/x/crypto@v0.24.0?package-id=044728853dabc5b2", "type": "library", - "name": "go.uber.org/multierr", - "version": "v1.6.0", - "purl": "pkg:golang/go.uber.org/multierr@v1.6.0", + "name": "golang.org/x/crypto", + "version": "v0.24.0", + "cpe": "cpe:2.3:a:golang:x\\/crypto:v0.24.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/crypto@v0.24.0", "properties": [ { "name": "syft:package:foundBy", @@ -3609,7 +3792,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3621,7 +3804,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3629,7 +3812,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4=" + "value": "h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=" }, { "name": "syft:metadata:mainModule", @@ -3638,11 +3821,12 @@ ] }, { - "bom-ref": "pkg:golang/go.uber.org/zap@v1.19.0?package-id=058325fae8853d99", + "bom-ref": "pkg:golang/golang.org/x/exp@v0.0.0-20220722155223-a9213eeb770e?package-id=744016f63f354577", "type": "library", - "name": "go.uber.org/zap", - "version": "v1.19.0", - "purl": "pkg:golang/go.uber.org/zap@v1.19.0", + "name": "golang.org/x/exp", + "version": "v0.0.0-20220722155223-a9213eeb770e", + "cpe": "cpe:2.3:a:golang:x\\/exp:v0.0.0-20220722155223-a9213eeb770e:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/exp@v0.0.0-20220722155223-a9213eeb770e", "properties": [ { "name": "syft:package:foundBy", @@ -3662,7 +3846,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3674,7 +3858,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3682,7 +3866,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:mZQZefskPPCMIBCSEH0v2/iUqqLrYtaeqwD6FUGUnFE=" + "value": "h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA=" }, { "name": "syft:metadata:mainModule", @@ -3691,12 +3875,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd?package-id=f0061fbbc5b0db03", + "bom-ref": "pkg:golang/golang.org/x/net@v0.26.0?package-id=74964a31f3e0486c", "type": "library", - "name": "golang.org/x/crypto", - "version": "v0.0.0-20220315160706-3147a52a75dd", - "cpe": "cpe:2.3:a:golang:x\\/crypto:v0.0.0-20220315160706-3147a52a75dd:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd", + "name": "golang.org/x/net", + "version": "v0.26.0", + "cpe": "cpe:2.3:a:golang:networking:v0.26.0:*:*:*:*:go:*:*", + "purl": "pkg:golang/golang.org/x/net@v0.26.0", "properties": [ { "name": "syft:package:foundBy", @@ -3716,7 +3900,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3728,7 +3912,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3736,7 +3920,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38=" + "value": "h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=" }, { "name": "syft:metadata:mainModule", @@ -3745,12 +3929,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/net@v0.7.0?package-id=a6ea4cba32e71c71", + "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.18.0?package-id=65a84e5afe68fe04", "type": "library", - "name": "golang.org/x/net", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:golang:networking:v0.7.0:*:*:*:*:go:*:*", - "purl": "pkg:golang/golang.org/x/net@v0.7.0", + "name": "golang.org/x/oauth2", + "version": "v0.18.0", + "cpe": "cpe:2.3:a:golang:x\\/oauth2:v0.18.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/oauth2@v0.18.0", "properties": [ { "name": "syft:package:foundBy", @@ -3770,7 +3954,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3782,7 +3966,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3790,7 +3974,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=" + "value": "h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI=" }, { "name": "syft:metadata:mainModule", @@ -3799,12 +3983,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8?package-id=104f67cb590fb8f9", + "bom-ref": "pkg:golang/golang.org/x/sync@v0.7.0?package-id=cc6ddcd183042ba3", "type": "library", - "name": "golang.org/x/oauth2", - "version": "v0.0.0-20211104180415-d3ed0bb246c8", - "cpe": "cpe:2.3:a:golang:x\\/oauth2:v0.0.0-20211104180415-d3ed0bb246c8:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8", + "name": "golang.org/x/sync", + "version": "v0.7.0", + "cpe": "cpe:2.3:a:golang:x\\/sync:v0.7.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/sync@v0.7.0", "properties": [ { "name": "syft:package:foundBy", @@ -3824,7 +4008,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3836,7 +4020,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3844,7 +4028,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg=" + "value": "h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=" }, { "name": "syft:metadata:mainModule", @@ -3853,12 +4037,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/sync@v0.0.0-20220722155255-886fb9371eb4?package-id=4cb64c82bb2e2acc", + "bom-ref": "pkg:golang/golang.org/x/sys@v0.21.0?package-id=a646b4860028a84d", "type": "library", - "name": "golang.org/x/sync", - "version": "v0.0.0-20220722155255-886fb9371eb4", - "cpe": "cpe:2.3:a:golang:x\\/sync:v0.0.0-20220722155255-886fb9371eb4:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/sync@v0.0.0-20220722155255-886fb9371eb4", + "name": "golang.org/x/sys", + "version": "v0.21.0", + "cpe": "cpe:2.3:a:golang:x\\/sys:v0.21.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/sys@v0.21.0", "properties": [ { "name": "syft:package:foundBy", @@ -3878,7 +4062,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3890,7 +4074,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3898,7 +4082,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw=" + "value": "h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=" }, { "name": "syft:metadata:mainModule", @@ -3907,12 +4091,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.5.0?package-id=98ae820f489ed049", + "bom-ref": "pkg:golang/golang.org/x/term@v0.21.0?package-id=8e5c64ee836c60f5", "type": "library", - "name": "golang.org/x/sys", - "version": "v0.5.0", - "cpe": "cpe:2.3:a:golang:x\\/sys:v0.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/sys@v0.5.0", + "name": "golang.org/x/term", + "version": "v0.21.0", + "cpe": "cpe:2.3:a:golang:x\\/term:v0.21.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/term@v0.21.0", "properties": [ { "name": "syft:package:foundBy", @@ -3932,7 +4116,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3944,7 +4128,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -3952,7 +4136,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=" + "value": "h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA=" }, { "name": "syft:metadata:mainModule", @@ -3961,12 +4145,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/term@v0.5.0?package-id=250faa58e08a9cbe", + "bom-ref": "pkg:golang/golang.org/x/text@v0.16.0?package-id=51216776decd0e30", "type": "library", - "name": "golang.org/x/term", - "version": "v0.5.0", - "cpe": "cpe:2.3:a:golang:x\\/term:v0.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/term@v0.5.0", + "name": "golang.org/x/text", + "version": "v0.16.0", + "cpe": "cpe:2.3:a:golang:text:v0.16.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/text@v0.16.0", "properties": [ { "name": "syft:package:foundBy", @@ -3986,7 +4170,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -3998,7 +4182,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4006,7 +4190,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=" + "value": "h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=" }, { "name": "syft:metadata:mainModule", @@ -4015,12 +4199,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/text@v0.7.0?package-id=c24f6c68aa61a026", + "bom-ref": "pkg:golang/golang.org/x/time@v0.3.0?package-id=5870fb788a9d4243", "type": "library", - "name": "golang.org/x/text", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:golang:text:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/text@v0.7.0", + "name": "golang.org/x/time", + "version": "v0.3.0", + "cpe": "cpe:2.3:a:golang:x\\/time:v0.3.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/golang.org/x/time@v0.3.0", "properties": [ { "name": "syft:package:foundBy", @@ -4040,7 +4224,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4052,7 +4236,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4060,7 +4244,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=" + "value": "h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=" }, { "name": "syft:metadata:mainModule", @@ -4069,12 +4253,12 @@ ] }, { - "bom-ref": "pkg:golang/golang.org/x/time@v0.0.0-20220210224613-90d013bbcef8?package-id=84b8ada0f64826e3", + "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20240318140521-94a12d6c2237?package-id=25e1d03e84f38b3a#api", "type": "library", - "name": "golang.org/x/time", - "version": "v0.0.0-20220210224613-90d013bbcef8", - "cpe": "cpe:2.3:a:golang:x\\/time:v0.0.0-20220210224613-90d013bbcef8:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/time@v0.0.0-20220210224613-90d013bbcef8", + "name": "google.golang.org/genproto/googleapis/api", + "version": "v0.0.0-20240318140521-94a12d6c2237", + "cpe": "cpe:2.3:a:google:genproto:v0.0.0-20240318140521-94a12d6c2237:*:*:*:*:*:*:*", + "purl": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20240318140521-94a12d6c2237#api", "properties": [ { "name": "syft:package:foundBy", @@ -4094,7 +4278,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4106,7 +4290,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4114,7 +4298,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:vVKdlvoWBphwdxWKrFZEuM0kGgGLxUOYcY4U/2Vjg44=" + "value": "h1:RFiFrvy37/mpSpdySBDrUdipW/dHwsRwh3J3+A9VgT4=" }, { "name": "syft:metadata:mainModule", @@ -4123,12 +4307,12 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/genproto@v0.0.0-20220502173005-c8bf987b8c21?package-id=99198c4346b495da", + "bom-ref": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20240515191416-fc5f0ca64291?package-id=5577cb5fd33c3419#rpc", "type": "library", - "name": "google.golang.org/genproto", - "version": "v0.0.0-20220502173005-c8bf987b8c21", - "cpe": "cpe:2.3:a:google:genproto:v0.0.0-20220502173005-c8bf987b8c21:*:*:*:*:*:*:*", - "purl": "pkg:golang/google.golang.org/genproto@v0.0.0-20220502173005-c8bf987b8c21", + "name": "google.golang.org/genproto/googleapis/rpc", + "version": "v0.0.0-20240515191416-fc5f0ca64291", + "cpe": "cpe:2.3:a:google:genproto:v0.0.0-20240515191416-fc5f0ca64291:*:*:*:*:*:*:*", + "purl": "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20240515191416-fc5f0ca64291#rpc", "properties": [ { "name": "syft:package:foundBy", @@ -4148,7 +4332,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4160,7 +4344,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4168,7 +4352,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:hrbNEivu7Zn1pxvHk6MBrq9iE22woVILTHqexqBxe6I=" + "value": "h1:AgADTJarZTBqgjiUzRgfaBchgYB3/WFTC80GPwsMcRI=" }, { "name": "syft:metadata:mainModule", @@ -4177,12 +4361,12 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/grpc@v1.47.0?package-id=8cd7004c7d18391b", + "bom-ref": "pkg:golang/google.golang.org/grpc@v1.64.0?package-id=93f9231f32cb1ef2", "type": "library", "name": "google.golang.org/grpc", - "version": "v1.47.0", - "cpe": "cpe:2.3:a:google:grpc:v1.47.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/google.golang.org/grpc@v1.47.0", + "version": "v1.64.0", + "cpe": "cpe:2.3:a:google:grpc:v1.64.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/google.golang.org/grpc@v1.64.0", "properties": [ { "name": "syft:package:foundBy", @@ -4202,7 +4386,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4214,7 +4398,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4222,7 +4406,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:9n77onPX5F3qfFCqjy9dhn8PbNQsIKeVU04J9G7umt8=" + "value": "h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY=" }, { "name": "syft:metadata:mainModule", @@ -4231,12 +4415,12 @@ ] }, { - "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.28.0?package-id=a7ecd570c62e3d9b", + "bom-ref": "pkg:golang/google.golang.org/protobuf@v1.34.1?package-id=234c4905c09dcf1c", "type": "library", "name": "google.golang.org/protobuf", - "version": "v1.28.0", - "cpe": "cpe:2.3:a:google:protobuf:v1.28.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/google.golang.org/protobuf@v1.28.0", + "version": "v1.34.1", + "cpe": "cpe:2.3:a:google:protobuf:v1.34.1:*:*:*:*:*:*:*", + "purl": "pkg:golang/google.golang.org/protobuf@v1.34.1", "properties": [ { "name": "syft:package:foundBy", @@ -4256,7 +4440,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4268,7 +4452,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4276,7 +4460,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=" + "value": "h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=" }, { "name": "syft:metadata:mainModule", @@ -4285,7 +4469,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=869e69d197536a83", + "bom-ref": "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=b8f40b1b15b61f15", "type": "library", "name": "gopkg.in/inf.v0", "version": "v0.9.1", @@ -4309,7 +4493,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4321,7 +4505,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4338,11 +4522,11 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/natefinch/lumberjack.v2@v2.0.0?package-id=cbc2176dadcf8e00", + "bom-ref": "pkg:golang/gopkg.in/natefinch/lumberjack.v2@v2.2.1?package-id=9cdb25369c4081bd", "type": "library", "name": "gopkg.in/natefinch/lumberjack.v2", - "version": "v2.0.0", - "purl": "pkg:golang/gopkg.in/natefinch/lumberjack.v2@v2.0.0", + "version": "v2.2.1", + "purl": "pkg:golang/gopkg.in/natefinch/lumberjack.v2@v2.2.1", "properties": [ { "name": "syft:package:foundBy", @@ -4362,7 +4546,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4374,7 +4558,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4382,7 +4566,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8=" + "value": "h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc=" }, { "name": "syft:metadata:mainModule", @@ -4391,11 +4575,11 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2?package-id=2877e7e2199f786b", + "bom-ref": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0?package-id=a5e160e9c94e6dbb", "type": "library", "name": "gopkg.in/square/go-jose.v2", - "version": "v2.2.2", - "purl": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2", + "version": "v2.6.0", + "purl": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0", "properties": [ { "name": "syft:package:foundBy", @@ -4415,7 +4599,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4427,7 +4611,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4435,7 +4619,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:orlkJ3myw8CN1nVQHBFfloD+L3egixIa4FvUP6RosSA=" + "value": "h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=" }, { "name": "syft:metadata:mainModule", @@ -4444,7 +4628,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=7356da9defb5e9e3", + "bom-ref": "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=eea76200a8e079c7", "type": "library", "name": "gopkg.in/yaml.v2", "version": "v2.4.0", @@ -4468,7 +4652,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4480,7 +4664,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4497,7 +4681,7 @@ ] }, { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=23d3abef187b0f62", + "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=68c818a3836d106f", "type": "library", "name": "gopkg.in/yaml.v3", "version": "v3.0.1", @@ -4522,7 +4706,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4534,7 +4718,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4551,11 +4735,11 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/api@v0.25.2?package-id=def246df490f5013", + "bom-ref": "pkg:golang/k8s.io/api@v0.30.1?package-id=76c3589f0142ab3f", "type": "library", "name": "k8s.io/api", - "version": "v0.25.2", - "purl": "pkg:golang/k8s.io/api@v0.25.2", + "version": "v0.30.1", + "purl": "pkg:golang/k8s.io/api@v0.30.1", "properties": [ { "name": "syft:package:foundBy", @@ -4575,7 +4759,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4587,7 +4771,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4595,7 +4779,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:v6G8RyFcwf0HR5jQGIAYlvtRNrxMJQG1xJzaSeVnIS8=" + "value": "h1:kCm/6mADMdbAxmIh0LBjS54nQBE+U4KmbCfIkF5CpJY=" }, { "name": "syft:metadata:mainModule", @@ -4604,11 +4788,11 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.25.2?package-id=91d819540a8d1fea", + "bom-ref": "pkg:golang/k8s.io/apimachinery@v0.30.1?package-id=b7e30049f0049a9c", "type": "library", "name": "k8s.io/apimachinery", - "version": "v0.25.2", - "purl": "pkg:golang/k8s.io/apimachinery@v0.25.2", + "version": "v0.30.1", + "purl": "pkg:golang/k8s.io/apimachinery@v0.30.1", "properties": [ { "name": "syft:package:foundBy", @@ -4628,7 +4812,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4640,7 +4824,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4648,7 +4832,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:WbxfAjCx+AeN8Ilp9joWnyJ6xu9OMeS/fsfjK/5zaQs=" + "value": "h1:ZQStsEfo4n65yAdlGTfP/uSHMQSoYzU/oeEbkmF7P2U=" }, { "name": "syft:metadata:mainModule", @@ -4657,11 +4841,11 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/apiserver@v0.25.2?package-id=dcd8bb9e9419b81e", + "bom-ref": "pkg:golang/k8s.io/apiserver@v0.30.1?package-id=f538d2ef4495fc29", "type": "library", "name": "k8s.io/apiserver", - "version": "v0.25.2", - "purl": "pkg:golang/k8s.io/apiserver@v0.25.2", + "version": "v0.30.1", + "purl": "pkg:golang/k8s.io/apiserver@v0.30.1", "properties": [ { "name": "syft:package:foundBy", @@ -4681,7 +4865,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4693,7 +4877,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4701,7 +4885,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:YePimobk187IMIdnmsMxsfIbC5p4eX3WSOrS9x6FEYw=" + "value": "h1:BEWEe8bzS12nMtDKXzCF5Q5ovp6LjjYkSp8qOPk8LZ8=" }, { "name": "syft:metadata:mainModule", @@ -4710,11 +4894,11 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/client-go@v0.25.2?package-id=e75be8f0a1abae94", + "bom-ref": "pkg:golang/k8s.io/client-go@v0.30.1?package-id=26477dab351e91a0", "type": "library", "name": "k8s.io/client-go", - "version": "v0.25.2", - "purl": "pkg:golang/k8s.io/client-go@v0.25.2", + "version": "v0.30.1", + "purl": "pkg:golang/k8s.io/client-go@v0.30.1", "properties": [ { "name": "syft:package:foundBy", @@ -4734,7 +4918,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4746,7 +4930,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4754,7 +4938,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:SUPp9p5CwM0yXGQrwYurw9LWz+YtMwhWd0GqOsSiefo=" + "value": "h1:uC/Ir6A3R46wdkgCV3vbLyNOYyCJ8oZnjtJGKfytl/Q=" }, { "name": "syft:metadata:mainModule", @@ -4763,11 +4947,11 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/component-base@v0.25.2?package-id=e69b95c8da2faf73", + "bom-ref": "pkg:golang/k8s.io/component-base@v0.30.1?package-id=a8878bdfc3a43f52", "type": "library", "name": "k8s.io/component-base", - "version": "v0.25.2", - "purl": "pkg:golang/k8s.io/component-base@v0.25.2", + "version": "v0.30.1", + "purl": "pkg:golang/k8s.io/component-base@v0.30.1", "properties": [ { "name": "syft:package:foundBy", @@ -4787,7 +4971,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4799,7 +4983,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4807,7 +4991,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:Nve/ZyHLUBHz1rqwkjXm/Re6IniNa5k7KgzxZpTfSQY=" + "value": "h1:bvAtlPh1UrdaZL20D9+sWxsJljMi0QZ3Lmw+kmZAaxQ=" }, { "name": "syft:metadata:mainModule", @@ -4816,12 +5000,65 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.80.1?package-id=2fb0eecb6dedd61a", + "bom-ref": "pkg:golang/k8s.io/klog/v2@v2.120.1?package-id=1c0aeb2284ae6a08", "type": "library", "name": "k8s.io/klog/v2", - "version": "v2.80.1", - "cpe": "cpe:2.3:a:klog:v2:v2.80.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/k8s.io/klog/v2@v2.80.1", + "version": "v2.120.1", + "cpe": "cpe:2.3:a:klog:v2:v2.120.1:*:*:*:*:*:*:*", + "purl": "pkg:golang/k8s.io/klog/v2@v2.120.1", + "properties": [ + { + "name": "syft:package:foundBy", + "value": "go-module-binary-cataloger" + }, + { + "name": "syft:package:language", + "value": "go" + }, + { + "name": "syft:package:type", + "value": "go-module" + }, + { + "name": "syft:package:metadataType", + "value": "go-module-buildinfo-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" + }, + { + "name": "syft:location:0:path", + "value": "/usr/local/bin/kube-rbac-proxy" + }, + { + "name": "syft:metadata:architecture", + "value": "amd64" + }, + { + "name": "syft:metadata:goCompiledVersion", + "value": "go1.22.4" + }, + { + "name": "syft:metadata:goCryptoSettings:0", + "value": "standard-crypto" + }, + { + "name": "syft:metadata:h1Digest", + "value": "h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=" + }, + { + "name": "syft:metadata:mainModule", + "value": "github.com/brancz/kube-rbac-proxy" + } + ] + }, + { + "bom-ref": "pkg:golang/k8s.io/kms@v0.30.1?package-id=4102d8e349b359ca", + "type": "library", + "name": "k8s.io/kms", + "version": "v0.30.1", + "purl": "pkg:golang/k8s.io/kms@v0.30.1", "properties": [ { "name": "syft:package:foundBy", @@ -4841,7 +5078,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4853,7 +5090,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4861,7 +5098,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4=" + "value": "h1:gEIbEeCbFiaN2tNfp/EUhFdGr5/CSj8Eyq6Mkr7cCiY=" }, { "name": "syft:metadata:mainModule", @@ -4870,11 +5107,11 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20220803162953-67bda5d908f1?package-id=bcc0521b01ba998b", + "bom-ref": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20240228011516-70dd3763d340?package-id=86678d4ed58c6456", "type": "library", "name": "k8s.io/kube-openapi", - "version": "v0.0.0-20220803162953-67bda5d908f1", - "purl": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20220803162953-67bda5d908f1", + "version": "v0.0.0-20240228011516-70dd3763d340", + "purl": "pkg:golang/k8s.io/kube-openapi@v0.0.0-20240228011516-70dd3763d340", "properties": [ { "name": "syft:package:foundBy", @@ -4894,7 +5131,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4906,7 +5143,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4914,7 +5151,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA=" + "value": "h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=" }, { "name": "syft:metadata:mainModule", @@ -4923,11 +5160,11 @@ ] }, { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20220728103510-ee6ede2d64ed?package-id=88c58dc229f37804", + "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20230726121419-3b25d923346b?package-id=d7715c9b28a6e05e", "type": "library", "name": "k8s.io/utils", - "version": "v0.0.0-20220728103510-ee6ede2d64ed", - "purl": "pkg:golang/k8s.io/utils@v0.0.0-20220728103510-ee6ede2d64ed", + "version": "v0.0.0-20230726121419-3b25d923346b", + "purl": "pkg:golang/k8s.io/utils@v0.0.0-20230726121419-3b25d923346b", "properties": [ { "name": "syft:package:foundBy", @@ -4947,7 +5184,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -4959,7 +5196,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -4967,7 +5204,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4=" + "value": "h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=" }, { "name": "syft:metadata:mainModule", @@ -4976,11 +5213,11 @@ ] }, { - "bom-ref": "pkg:deb/debian/netbase@6.3?arch=all&distro=debian-11&package-id=a3d0178c1c98c267", + "bom-ref": "pkg:deb/debian/netbase@6.4?arch=all&distro=debian-12&package-id=4939fc774fcd360e", "type": "library", "publisher": "Marco d'Itri ", "name": "netbase", - "version": "6.3", + "version": "6.4", "licenses": [ { "license": { @@ -4988,8 +5225,8 @@ } } ], - "cpe": "cpe:2.3:a:netbase:netbase:6.3:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/netbase@6.3?arch=all&distro=debian-11", + "cpe": "cpe:2.3:a:netbase:netbase:6.4:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/netbase@6.4?arch=all&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -5005,7 +5242,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:6fbdf253bbc2490dcfede5bdb58ca0db63ee8aff565f6ea9f918f3bce9e2d5aa" + "value": "sha256:49626df344c912cfe9f8d8fcd635d301bd41127cd326914212cf2443a96cf421" }, { "name": "syft:location:0:path", @@ -5013,7 +5250,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:6fbdf253bbc2490dcfede5bdb58ca0db63ee8aff565f6ea9f918f3bce9e2d5aa" + "value": "sha256:49626df344c912cfe9f8d8fcd635d301bd41127cd326914212cf2443a96cf421" }, { "name": "syft:location:1:path", @@ -5021,7 +5258,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:6fbdf253bbc2490dcfede5bdb58ca0db63ee8aff565f6ea9f918f3bce9e2d5aa" + "value": "sha256:49626df344c912cfe9f8d8fcd635d301bd41127cd326914212cf2443a96cf421" }, { "name": "syft:location:2:path", @@ -5029,17 +5266,17 @@ }, { "name": "syft:metadata:installedSize", - "value": "41" + "value": "36" } ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/apiserver-network-proxy/konnectivity-client@v0.0.32?package-id=b4df4f6f1ccd00e8", + "bom-ref": "pkg:golang/sigs.k8s.io/apiserver-network-proxy/konnectivity-client@v0.29.0?package-id=f4ae2d5739b77953", "type": "library", "name": "sigs.k8s.io/apiserver-network-proxy/konnectivity-client", - "version": "v0.0.32", - "cpe": "cpe:2.3:a:apiserver-network-proxy:konnectivity-client:v0.0.32:*:*:*:*:*:*:*", - "purl": "pkg:golang/sigs.k8s.io/apiserver-network-proxy/konnectivity-client@v0.0.32", + "version": "v0.29.0", + "cpe": "cpe:2.3:a:apiserver-network-proxy:konnectivity-client:v0.29.0:*:*:*:*:*:*:*", + "purl": "pkg:golang/sigs.k8s.io/apiserver-network-proxy/konnectivity-client@v0.29.0", "properties": [ { "name": "syft:package:foundBy", @@ -5059,43 +5296,43 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver-network-proxy:konnectivity_client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver-network-proxy:konnectivity_client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver_network_proxy:konnectivity-client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver_network_proxy:konnectivity-client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver_network_proxy:konnectivity_client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver_network_proxy:konnectivity_client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver-network:konnectivity-client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver-network:konnectivity-client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver-network:konnectivity_client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver-network:konnectivity_client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver_network:konnectivity-client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver_network:konnectivity-client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver_network:konnectivity_client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver_network:konnectivity_client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver:konnectivity-client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver:konnectivity-client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:apiserver:konnectivity_client:v0.0.32:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:apiserver:konnectivity_client:v0.29.0:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -5107,7 +5344,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5115,7 +5352,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:2WjukG7txtEsbXsSKWtTibCdsyYAhcu6KFnttyDdZOQ=" + "value": "h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c=" }, { "name": "syft:metadata:mainModule", @@ -5124,11 +5361,11 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20220713155537-f223a00ba0e2?package-id=e80fd3055c3a08ee", + "bom-ref": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=d09140a401e0ea0e", "type": "library", "name": "sigs.k8s.io/json", - "version": "v0.0.0-20220713155537-f223a00ba0e2", - "purl": "pkg:golang/sigs.k8s.io/json@v0.0.0-20220713155537-f223a00ba0e2", + "version": "v0.0.0-20221116044647-bc3834ca7abd", + "purl": "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd", "properties": [ { "name": "syft:package:foundBy", @@ -5148,7 +5385,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -5160,7 +5397,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5168,7 +5405,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=" + "value": "h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=" }, { "name": "syft:metadata:mainModule", @@ -5177,12 +5414,12 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3?package-id=8edd3c6b3ca43e5d", + "bom-ref": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.4.1?package-id=b63427a81c453929", "type": "library", "name": "sigs.k8s.io/structured-merge-diff/v4", - "version": "v4.2.3", - "cpe": "cpe:2.3:a:structured-merge-diff:v4:v4.2.3:*:*:*:*:*:*:*", - "purl": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.2.3", + "version": "v4.4.1", + "cpe": "cpe:2.3:a:structured-merge-diff:v4:v4.4.1:*:*:*:*:*:*:*", + "purl": "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.4.1", "properties": [ { "name": "syft:package:foundBy", @@ -5202,23 +5439,23 @@ }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:structured_merge_diff:v4:v4.2.3:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:structured_merge_diff:v4:v4.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:structured-merge:v4:v4.2.3:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:structured-merge:v4:v4.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:structured_merge:v4:v4.2.3:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:structured_merge:v4:v4.4.1:*:*:*:*:*:*:*" }, { "name": "syft:cpe23", - "value": "cpe:2.3:a:structured:v4:v4.2.3:*:*:*:*:*:*:*" + "value": "cpe:2.3:a:structured:v4:v4.4.1:*:*:*:*:*:*:*" }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -5230,7 +5467,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5238,7 +5475,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=" + "value": "h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=" }, { "name": "syft:metadata:mainModule", @@ -5247,11 +5484,11 @@ ] }, { - "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.2.0?package-id=752ca6af9cf937d3", + "bom-ref": "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=d8bef13f258e95c4", "type": "library", "name": "sigs.k8s.io/yaml", - "version": "v1.2.0", - "purl": "pkg:golang/sigs.k8s.io/yaml@v1.2.0", + "version": "v1.3.0", + "purl": "pkg:golang/sigs.k8s.io/yaml@v1.3.0", "properties": [ { "name": "syft:package:foundBy", @@ -5271,7 +5508,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -5283,7 +5520,7 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" }, { "name": "syft:metadata:goCryptoSettings:0", @@ -5291,7 +5528,7 @@ }, { "name": "syft:metadata:h1Digest", - "value": "h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q=" + "value": "h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=" }, { "name": "syft:metadata:mainModule", @@ -5300,10 +5537,10 @@ ] }, { - "bom-ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b", + "bom-ref": "pkg:golang/stdlib@1.22.4?package-id=acf88ad9230c9249", "type": "library", "name": "stdlib", - "version": "go1.19.4", + "version": "go1.22.4", "licenses": [ { "license": { @@ -5311,8 +5548,8 @@ } } ], - "cpe": "cpe:2.3:a:golang:go:1.19.4:-:*:*:*:*:*:*", - "purl": "pkg:golang/stdlib@1.19.4", + "cpe": "cpe:2.3:a:golang:go:1.22.4:-:*:*:*:*:*:*", + "purl": "pkg:golang/stdlib@1.22.4", "properties": [ { "name": "syft:package:language", @@ -5328,7 +5565,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:2d97ae6a77d0e81eb0e10fb97908140e8b2df3bff0798ec4a7183dcbcf3ebd49" + "value": "sha256:a9155867c8898bb705a5a0e43594602ea0e45885c76533ed3dd8faa282a09080" }, { "name": "syft:location:0:path", @@ -5336,18 +5573,25 @@ }, { "name": "syft:metadata:goCompiledVersion", - "value": "go1.19.4" + "value": "go1.22.4" } ] }, { - "bom-ref": "pkg:deb/debian/tzdata@2021a-1%2Bdeb11u9?arch=all&distro=debian-11&package-id=28cccd958b4c5b42", + "bom-ref": "pkg:deb/debian/tzdata@2024a-0%2Bdeb12u1?arch=all&distro=debian-12&package-id=0554439f25547568", "type": "library", "publisher": "GNU Libc Maintainers ", "name": "tzdata", - "version": "2021a-1+deb11u9", - "cpe": "cpe:2.3:a:tzdata:tzdata:2021a-1\\+deb11u9:*:*:*:*:*:*:*", - "purl": "pkg:deb/debian/tzdata@2021a-1%2Bdeb11u9?arch=all&distro=debian-11", + "version": "2024a-0+deb12u1", + "licenses": [ + { + "license": { + "name": "public-domain" + } + } + ], + "cpe": "cpe:2.3:a:tzdata:tzdata:2024a-0\\+deb12u1:*:*:*:*:*:*:*", + "purl": "pkg:deb/debian/tzdata@2024a-0%2Bdeb12u1?arch=all&distro=debian-12", "properties": [ { "name": "syft:package:foundBy", @@ -5363,7 +5607,7 @@ }, { "name": "syft:location:0:layerID", - "value": "sha256:399826b51fcf6c959b7a7e86b89ac1ee6685d64da54e5223e1d182c491a1bbd6" + "value": "sha256:945d17be9a3e27af5ca1c671792bf1a8f2c3f4d13d3994665d95f084ed4f8a60" }, { "name": "syft:location:0:path", @@ -5371,7 +5615,7 @@ }, { "name": "syft:location:1:layerID", - "value": "sha256:399826b51fcf6c959b7a7e86b89ac1ee6685d64da54e5223e1d182c491a1bbd6" + "value": "sha256:945d17be9a3e27af5ca1c671792bf1a8f2c3f4d13d3994665d95f084ed4f8a60" }, { "name": "syft:location:1:path", @@ -5379,7 +5623,7 @@ }, { "name": "syft:location:2:layerID", - "value": "sha256:399826b51fcf6c959b7a7e86b89ac1ee6685d64da54e5223e1d182c491a1bbd6" + "value": "sha256:945d17be9a3e27af5ca1c671792bf1a8f2c3f4d13d3994665d95f084ed4f8a60" }, { "name": "syft:location:2:path", @@ -5387,20 +5631,20 @@ }, { "name": "syft:metadata:installedSize", - "value": "3413" + "value": "2554" } ] }, { - "bom-ref": "os:debian@11", + "bom-ref": "os:debian@12", "type": "operating-system", "name": "debian", - "version": "11", + "version": "12", "description": "Distroless", "swid": { "tagId": "debian", "name": "debian", - "version": "11" + "version": "12" }, "externalReferences": [ { @@ -5428,2371 +5672,182 @@ }, { "name": "syft:distro:versionID", - "value": "11" + "value": "12" } ] } ], - "vulnerabilities": [ - { - "bom-ref": "urn:uuid:5d5a454e-aae8-4f3d-957d-102817f5f2ca", - "id": "CVE-2022-41722", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41722" - }, - "references": [ - { - "id": "CVE-2022-41722", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41722" - } - } - ], - "ratings": [ - { - "score": 7.5, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" - } - ], - "description": "A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as \"a/../c:/b\" into the valid path \"c:\\b\". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path \".\\c:\\b\".", - "advisories": [ - { - "url": "https://go.dev/cl/468123" - }, - { - "url": "https://go.dev/issue/57274" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1568" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:4823345f-9255-429a-94d5-c183384af1e6", - "id": "CVE-2022-41723", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723" - }, - "references": [ - { - "id": "CVE-2022-41723", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723" - } - } - ], - "ratings": [ - { - "score": 7.5, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" - } - ], - "description": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", - "advisories": [ - { - "url": "https://go.dev/cl/468135" - }, - { - "url": "https://go.dev/cl/468295" - }, - { - "url": "https://go.dev/issue/57855" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1571" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - }, - { - "url": "https://www.couchbase.com/alerts/" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:19592e62-945a-47e7-bc94-6b18b62ca16c", - "id": "CVE-2022-41724", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724" - }, - "references": [ - { - "id": "CVE-2022-41724", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724" - } - } - ], - "ratings": [ - { - "score": 7.5, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" - } - ], - "description": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth >= RequestClientCert).", - "advisories": [ - { - "url": "https://go.dev/cl/468125" - }, - { - "url": "https://go.dev/issue/58001" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1570" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } + "dependencies": [ + { + "ref": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.18.0?package-id=8a3ddcfafe1af740", + "dependsOn": [ + "pkg:golang/github.com/antlr/antlr4@v4.0.0-20230305170008-8188dc5388df?package-id=f1cb50b3b6f1dd9b#runtime/Go/antlr/v4", + "pkg:golang/github.com/asaskevich/govalidator@v0.0.0-20190424111038-f61b66f89f4a?package-id=89f5d442b0e0ad2d", + "pkg:golang/github.com/beorn7/perks@v1.0.1?package-id=f5726f00fd512995", + "pkg:golang/github.com/blang/semver@v4.0.0?package-id=1d90b0c6632a31f0#v4", + "pkg:golang/github.com/cenkalti/backoff@v4.2.1?package-id=cb54ede673ec69c8#v4", + "pkg:golang/github.com/cespare/xxhash@v2.2.0?package-id=824702e827fd27d9#v2", + "pkg:golang/github.com/coreos/go-oidc@v2.2.1%2Bincompatible?package-id=bc2a78a640f08db8", + "pkg:golang/github.com/coreos/go-semver@v0.3.1?package-id=8660cb49c48b1ba9", + "pkg:golang/github.com/coreos/go-systemd@v22.5.0?package-id=f44ea437a3ca140a#v22", + "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=6513125f2a71811c", + "pkg:golang/github.com/emicklei/go-restful@v3.11.0?package-id=5f1f77189968fa4a#v3", + "pkg:golang/github.com/evanphx/json-patch@v4.12.0%2Bincompatible?package-id=48d386865447e815", + "pkg:golang/github.com/felixge/httpsnoop@v1.0.3?package-id=6b7bba2cef408770", + "pkg:golang/github.com/fsnotify/fsnotify@v1.7.0?package-id=46e232902a20efd8", + "pkg:golang/github.com/ghodss/yaml@v1.0.0?package-id=541fed4dde49a4be", + "pkg:golang/github.com/go-logr/logr@v1.4.1?package-id=20c2e54e43417dff", + "pkg:golang/github.com/go-logr/stdr@v1.2.2?package-id=1329027e34f30dc4", + "pkg:golang/github.com/go-openapi/jsonpointer@v0.19.6?package-id=500ebf29b917ebda", + "pkg:golang/github.com/go-openapi/jsonreference@v0.20.2?package-id=46d34d24143b9284", + "pkg:golang/github.com/go-openapi/swag@v0.22.3?package-id=7567adc41613e065", + "pkg:golang/github.com/gogo/protobuf@v1.3.2?package-id=822a186e444fa173", + "pkg:golang/github.com/golang/groupcache@v0.0.0-20210331224755-41bb18bfe9da?package-id=2a0136b89d5f9b9d", + "pkg:golang/github.com/golang/protobuf@v1.5.4?package-id=e2c230f9fb33a1f6", + "pkg:golang/github.com/google/cel-go@v0.17.8?package-id=63c3851dfd0f39c4", + "pkg:golang/github.com/google/gnostic-models@v0.6.8?package-id=68048a5fafb35985", + "pkg:golang/github.com/google/go-cmp@v0.6.0?package-id=4fd5133b6c40abee", + "pkg:golang/github.com/google/gofuzz@v1.2.0?package-id=2ca657cc02076e41", + "pkg:golang/github.com/google/uuid@v1.6.0?package-id=9f924960c2ad2823", + "pkg:golang/github.com/grpc-ecosystem/go-grpc-prometheus@v1.2.0?package-id=1f168dfac7cdb0b7", + "pkg:golang/github.com/grpc-ecosystem/grpc-gateway@v2.16.0?package-id=ed503c1215763928#v2", + "pkg:golang/github.com/imdario/mergo@v0.3.6?package-id=8b8b3a661a9945e2", + "pkg:golang/github.com/josharian/intern@v1.0.0?package-id=a6cef9deea27a281", + "pkg:golang/github.com/json-iterator/go@v1.1.12?package-id=2c916e0a1147318e", + "pkg:golang/github.com/mailru/easyjson@v0.7.7?package-id=0a3743333d2f43e8", + "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.4?package-id=5e5336dee115cd48", + "pkg:golang/github.com/moby/term@v0.0.0-20221205130635-1aeaba878587?package-id=7f8b602eddddc309", + "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd?package-id=3ec06eefd42b1775", + "pkg:golang/github.com/modern-go/reflect2@v1.0.2?package-id=05696812fac1fc7b", + "pkg:golang/github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822?package-id=02ea5c3d1bb2c247", + "pkg:golang/github.com/nytimes/gziphandler@v1.1.1?package-id=384cacf836d44684", + "pkg:golang/github.com/oklog/run@v1.1.0?package-id=9faa1b1e5cf18c5c", + "pkg:golang/github.com/pkg/errors@v0.9.1?package-id=91f932bce2ada932", + "pkg:golang/github.com/pquerna/cachecontrol@v0.1.0?package-id=2cf52c7277900151", + "pkg:golang/github.com/prometheus/client_golang@v1.16.0?package-id=463d2a489a181e05", + "pkg:golang/github.com/prometheus/client_model@v0.4.0?package-id=df6c595458c29a1b", + "pkg:golang/github.com/prometheus/common@v0.44.0?package-id=5a6935305e5d83e3", + "pkg:golang/github.com/prometheus/procfs@v0.10.1?package-id=9da87a34824dc9aa", + "pkg:golang/github.com/spf13/cobra@v1.8.0?package-id=1738ba29404498e0", + "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=ba3964c3cf85ff6c", + "pkg:golang/github.com/stoewer/go-strcase@v1.2.0?package-id=4ca4ba502d23ab2c", + "pkg:golang/go.etcd.io/etcd/api@v3.5.10?package-id=115846bda1c64dea#v3", + "pkg:golang/go.etcd.io/etcd/client@v3.5.10?package-id=22bf51a802b96de4#pkg/v3", + "pkg:golang/go.etcd.io/etcd/client@v3.5.10?package-id=576965389fa29e31#v3", + "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.44.0?package-id=b1684f001ee6da00#net/http/otelhttp", + "pkg:golang/go.opentelemetry.io/contrib/instrumentation@v0.51.0?package-id=0a49a367ed048d55#googlegolangorg/grpc/otelgrpc", + "pkg:golang/go.opentelemetry.io/otel/exporters@v1.19.0?package-id=c6eb98e5b02740fa#otlp/otlptrace/otlptracegrpc", + "pkg:golang/go.opentelemetry.io/otel/exporters@v1.19.0?package-id=da782a96a963225e#otlp/otlptrace", + "pkg:golang/go.opentelemetry.io/otel/metric@v1.26.0?package-id=59f5203fab379b1a", + "pkg:golang/go.opentelemetry.io/otel/sdk@v1.26.0?package-id=ed3e2be0890e33f2", + "pkg:golang/go.opentelemetry.io/otel/trace@v1.26.0?package-id=235396930a36a58d", + "pkg:golang/go.opentelemetry.io/otel@v1.26.0?package-id=b9fedfe4b8016fdb", + "pkg:golang/go.opentelemetry.io/proto/otlp@v1.0.0?package-id=87c45baa09a3ed84", + "pkg:golang/go.uber.org/multierr@v1.11.0?package-id=3ba4e2d7cd517b9d", + "pkg:golang/go.uber.org/zap@v1.26.0?package-id=0b0dd2562eaef8ad", + "pkg:golang/golang.org/x/crypto@v0.24.0?package-id=044728853dabc5b2", + "pkg:golang/golang.org/x/exp@v0.0.0-20220722155223-a9213eeb770e?package-id=744016f63f354577", + "pkg:golang/golang.org/x/net@v0.26.0?package-id=74964a31f3e0486c", + "pkg:golang/golang.org/x/oauth2@v0.18.0?package-id=65a84e5afe68fe04", + "pkg:golang/golang.org/x/sync@v0.7.0?package-id=cc6ddcd183042ba3", + "pkg:golang/golang.org/x/sys@v0.21.0?package-id=a646b4860028a84d", + "pkg:golang/golang.org/x/term@v0.21.0?package-id=8e5c64ee836c60f5", + "pkg:golang/golang.org/x/text@v0.16.0?package-id=51216776decd0e30", + "pkg:golang/golang.org/x/time@v0.3.0?package-id=5870fb788a9d4243", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20240318140521-94a12d6c2237?package-id=25e1d03e84f38b3a#api", + "pkg:golang/google.golang.org/genproto/googleapis@v0.0.0-20240515191416-fc5f0ca64291?package-id=5577cb5fd33c3419#rpc", + "pkg:golang/google.golang.org/grpc@v1.64.0?package-id=93f9231f32cb1ef2", + "pkg:golang/google.golang.org/protobuf@v1.34.1?package-id=234c4905c09dcf1c", + "pkg:golang/gopkg.in/inf.v0@v0.9.1?package-id=b8f40b1b15b61f15", + "pkg:golang/gopkg.in/natefinch/lumberjack.v2@v2.2.1?package-id=9cdb25369c4081bd", + "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0?package-id=a5e160e9c94e6dbb", + "pkg:golang/gopkg.in/yaml.v2@v2.4.0?package-id=eea76200a8e079c7", + "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=68c818a3836d106f", + "pkg:golang/k8s.io/api@v0.30.1?package-id=76c3589f0142ab3f", + "pkg:golang/k8s.io/apimachinery@v0.30.1?package-id=b7e30049f0049a9c", + "pkg:golang/k8s.io/apiserver@v0.30.1?package-id=f538d2ef4495fc29", + "pkg:golang/k8s.io/client-go@v0.30.1?package-id=26477dab351e91a0", + "pkg:golang/k8s.io/component-base@v0.30.1?package-id=a8878bdfc3a43f52", + "pkg:golang/k8s.io/klog/v2@v2.120.1?package-id=1c0aeb2284ae6a08", + "pkg:golang/k8s.io/kms@v0.30.1?package-id=4102d8e349b359ca", + "pkg:golang/k8s.io/kube-openapi@v0.0.0-20240228011516-70dd3763d340?package-id=86678d4ed58c6456", + "pkg:golang/k8s.io/utils@v0.0.0-20230726121419-3b25d923346b?package-id=d7715c9b28a6e05e", + "pkg:golang/sigs.k8s.io/apiserver-network-proxy/konnectivity-client@v0.29.0?package-id=f4ae2d5739b77953", + "pkg:golang/sigs.k8s.io/json@v0.0.0-20221116044647-bc3834ca7abd?package-id=d09140a401e0ea0e", + "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.4.1?package-id=b63427a81c453929", + "pkg:golang/sigs.k8s.io/yaml@v1.3.0?package-id=d8bef13f258e95c4", + "pkg:golang/stdlib@1.22.4?package-id=acf88ad9230c9249" ] - }, + } + ], + "vulnerabilities": [ { - "bom-ref": "urn:uuid:70193305-dd8b-4b1e-ab2a-4d0f6fad4153", - "id": "CVE-2022-41725", + "bom-ref": "urn:uuid:230dc935-5265-4400-984d-572a8f23f51f", + "id": "CVE-2024-24791", "source": { "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725" + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" }, "references": [ { - "id": "CVE-2022-41725", + "id": "CVE-2024-24791", "source": { "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725" + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791" } } ], "ratings": [ { - "score": 7.5, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" + "severity": "unknown" } ], - "description": "A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing \"up to maxMemory bytes +10MB (reserved for non-file parts) in memory\". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type's documentation states, \"If stored on disk, the File's underlying concrete type will be an *os.File.\". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader.", + "description": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.", "advisories": [ { - "url": "https://go.dev/cl/468124" - }, - { - "url": "https://go.dev/issue/58006" + "url": "https://go.dev/cl/591255" }, { - "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" + "url": "https://go.dev/issue/67555" }, { - "url": "https://pkg.go.dev/vuln/GO-2023-1569" + "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ" }, { - "url": "https://security.gentoo.org/glsa/202311-09" + "url": "https://pkg.go.dev/vuln/GO-2024-2963" } ], "affects": [ { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" + "ref": "pkg:golang/stdlib@1.22.4?package-id=acf88ad9230c9249" } ] }, { - "bom-ref": "urn:uuid:ef1fe7c9-a163-450e-9228-ec432764266b", - "id": "CVE-2023-24532", + "bom-ref": "urn:uuid:1e2b8d48-e65c-4a3f-b6c9-6dba109aa934", + "id": "GHSA-c5q2-7r4c-mv6g", "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532" + "name": "github-language-go", + "url": "https://github.com/advisories/GHSA-c5q2-7r4c-mv6g" }, "references": [ { - "id": "CVE-2023-24532", + "id": "GHSA-c5q2-7r4c-mv6g", "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532" + "name": "github-language-go", + "url": "https://github.com/advisories/GHSA-c5q2-7r4c-mv6g" } } ], "ratings": [ { - "score": 5.3, + "score": 4.3, "severity": "medium", "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" - } - ], - "description": "The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.", - "advisories": [ - { - "url": "https://go.dev/cl/471255" - }, - { - "url": "https://go.dev/issue/58647" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1621" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:eceb4ca9-5210-4a72-be6f-2c1e0265c634", - "id": "CVE-2023-24534", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534" - }, - "references": [ - { - "id": "CVE-2023-24534", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534" - } - } - ], - "ratings": [ - { - "score": 7.5, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" - } - ], - "description": "HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.", - "advisories": [ - { - "url": "https://go.dev/cl/481994" - }, - { - "url": "https://go.dev/issue/58975" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1704" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20230526-0007/" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:e256d60a-f9a6-4aec-9a79-a9efe002d1b5", - "id": "CVE-2023-24536", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536" - }, - "references": [ - { - "id": "CVE-2023-24536", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536" - } - } - ], - "ratings": [ - { - "score": 7.5, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" - } - ], - "description": "Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the total memory a parsed multipart form can consume. ReadForm can undercount the amount of memory consumed, leading it to accept larger inputs than intended. 2. Limiting total memory does not account for increased pressure on the garbage collector from large numbers of small allocations in forms with many parts. 3. ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage collector. The combination of these factors can permit an attacker to cause an program that parses multipart forms to consume large amounts of CPU and memory, potentially resulting in a denial of service. This affects programs that use mime/multipart.Reader.ReadForm, as well as form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. With fix, ReadForm now does a better job of estimating the memory consumption of parsed forms, and performs many fewer short-lived allocations. In addition, the fixed mime/multipart.Reader imposes the following limits on the size of parsed forms: 1. Forms parsed with ReadForm may contain no more than 1000 parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxparts=. 2. Form parts parsed with NextPart and NextRawPart may contain no more than 10,000 header fields. In addition, forms parsed with ReadForm may contain no more than 10,000 header fields across all parts. This limit may be adjusted with the environment variable GODEBUG=multipartmaxheaders=.", - "advisories": [ - { - "url": "https://go.dev/cl/482075" - }, - { - "url": "https://go.dev/cl/482076" - }, - { - "url": "https://go.dev/cl/482077" - }, - { - "url": "https://go.dev/issue/59153" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1705" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20230526-0007/" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:e6a950e4-426d-4e9d-b62c-4f592d71ca22", - "id": "CVE-2023-24537", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537" - }, - "references": [ - { - "id": "CVE-2023-24537", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537" - } - } - ], - "ratings": [ - { - "score": 7.5, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], - "description": "Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.", - "advisories": [ - { - "url": "https://go.dev/cl/482078" - }, - { - "url": "https://go.dev/issue/59180" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1702" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:a85d706b-a956-44b8-ae7f-fbedc702668c", - "id": "CVE-2023-24538", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538" - }, - "references": [ - { - "id": "CVE-2023-24538", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538" - } - } - ], - "ratings": [ - { - "score": 9.8, - "severity": "critical", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.", - "advisories": [ - { - "url": "https://go.dev/cl/482079" - }, - { - "url": "https://go.dev/issue/59234" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1703" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:f7bb9d7f-aee8-4928-b367-556c42632cee", - "id": "CVE-2023-24539", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539" - }, - "references": [ - { - "id": "CVE-2023-24539", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539" - } - } - ], - "ratings": [ - { - "score": 7.3, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" - } - ], - "description": "Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.", - "advisories": [ - { - "url": "https://go.dev/cl/491615" - }, - { - "url": "https://go.dev/issue/59720" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1751" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:e5fc4df7-98ab-450d-910e-21ff1e45b8a1", - "id": "CVE-2023-24540", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540" - }, - "references": [ - { - "id": "CVE-2023-24540", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540" - } - } - ], - "ratings": [ - { - "score": 9.8, - "severity": "critical", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set \"\\t\\n\\f\\r\\u0020\\u2028\\u2029\" in JavaScript contexts that also contain actions may not be properly sanitized during execution.", - "advisories": [ - { - "url": "https://go.dev/cl/491616" - }, - { - "url": "https://go.dev/issue/59721" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1752" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:b783687f-2af4-47ef-a7f7-eec7afbb3a89", - "id": "CVE-2023-29400", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400" - }, - "references": [ - { - "id": "CVE-2023-29400", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400" - } - } - ], - "ratings": [ - { - "score": 7.3, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" - } - ], - "description": "Templates containing actions in unquoted HTML attributes (e.g. \"attr={{.}}\") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.", - "advisories": [ - { - "url": "https://go.dev/cl/491617" - }, - { - "url": "https://go.dev/issue/59722" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1753" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:336f04ad-7501-49e2-b4a4-3024920586db", - "id": "CVE-2023-29402", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29402" - }, - "references": [ - { - "id": "CVE-2023-29402", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29402" - } - } - ], - "ratings": [ - { - "score": 9.8, - "severity": "critical", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via \"go get\", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).", - "advisories": [ - { - "url": "https://go.dev/cl/501226" - }, - { - "url": "https://go.dev/issue/60167" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1839" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:34b4ce91-ec82-4427-ba71-301da2136c1c", - "id": "CVE-2023-29403", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29403" - }, - "references": [ - { - "id": "CVE-2023-29403", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29403" - } - } - ], - "ratings": [ - { - "score": 7.8, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" - } - ], - "description": "On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.", - "advisories": [ - { - "url": "https://go.dev/cl/501223" - }, - { - "url": "https://go.dev/issue/60272" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1840" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:3b4414af-e939-4d52-8507-d7831e93a3d0", - "id": "CVE-2023-29404", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29404" - }, - "references": [ - { - "id": "CVE-2023-29404", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29404" - } - } - ], - "ratings": [ - { - "score": 9.8, - "severity": "critical", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.", - "advisories": [ - { - "url": "https://go.dev/cl/501225" - }, - { - "url": "https://go.dev/issue/60305" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1841" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:fed6e8db-e876-4d4e-9eb7-e4847f052e3a", - "id": "CVE-2023-29405", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29405" - }, - "references": [ - { - "id": "CVE-2023-29405", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29405" - } - } - ], - "ratings": [ - { - "score": 9.8, - "severity": "critical", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.", - "advisories": [ - { - "url": "https://go.dev/cl/501224" - }, - { - "url": "https://go.dev/issue/60306" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1842" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:0f6d76ec-3674-4212-a5ca-fe0de2ed108e", - "id": "CVE-2023-29406", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406" - }, - "references": [ - { - "id": "CVE-2023-29406", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406" - } - } - ], - "ratings": [ - { - "score": 6.5, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" - } - ], - "description": "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.", - "advisories": [ - { - "url": "https://go.dev/cl/506996" - }, - { - "url": "https://go.dev/issue/60374" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1878" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20230814-0002/" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:9dad6bcc-c800-4cc7-ae06-b60406557f7b", - "id": "CVE-2023-29409", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409" - }, - "references": [ - { - "id": "CVE-2023-29409", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409" - } - } - ], - "ratings": [ - { - "score": 5.3, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" - } - ], - "description": "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", - "advisories": [ - { - "url": "https://go.dev/cl/515257" - }, - { - "url": "https://go.dev/issue/61460" - }, - { - "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ" - }, - { - "url": "https://pkg.go.dev/vuln/GO-2023-1987" - }, - { - "url": "https://security.gentoo.org/glsa/202311-09" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20230831-0010/" - } - ], - "affects": [ - { - "ref": "pkg:golang/stdlib@1.19.4?package-id=dc49dac451edcf1b" - } - ] - }, - { - "bom-ref": "urn:uuid:fa31de70-fabb-4b08-95f1-5628e0e2cd61", - "id": "CVE-2023-39318", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318" - }, - "references": [ - { - "id": "CVE-2023-39318", - "source": { - "name": "nvd-cpe", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318" - } - } - ], - "ratings": [ - { - "score": 6.1, - "severity": "medium", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" - } - ], - "description": "The html/template package does not properly handle HTML-like \"\" comment tokens, nor hashbang \"#!\" comment tokens, in