{ "SchemaVersion": 2, "CreatedAt": "2021-08-25T12:20:30.000000005Z", "ArtifactName": "disk.img", "ArtifactType": "vm", "Metadata": { "OS": { "Family": "ubuntu", "Name": "22.04" }, "ImageConfig": { "architecture": "", "created": "0001-01-01T00:00:00Z", "os": "", "rootfs": { "type": "", "diff_ids": null }, "config": {} } }, "Results": [ { "Target": "disk.img (ubuntu 22.04)", "Class": "os-pkgs", "Type": "ubuntu", "Vulnerabilities": [ { "VulnerabilityID": "CVE-2022-3715", "PkgID": "bash@5.1-6ubuntu1", "PkgName": "bash", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.1-6ubuntu1", "Status": "affected", "Layer": {}, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-3715", "Title": "a heap-buffer-overflow in valid_parameter_transform", "Description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", "Severity": "HIGH", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "V3Score": 6.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:0340", "https://access.redhat.com/security/cve/CVE-2022-3715", "https://bugzilla.redhat.com/2126720", "https://bugzilla.redhat.com/show_bug.cgi?id=2126720" ], "PublishedDate": "2023-01-05T15:15:00Z", "LastModifiedDate": "2023-02-24T18:38:00Z" } ] } ] }