mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-12 15:50:15 -08:00
1f0d6290c3
Signed-off-by: juan131 <jariza@vmware.com> Signed-off-by: knqyf263 <knqyf263@gmail.com> Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io> Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Co-authored-by: Nikita Pivkin <nikita.pivkin@smartforce.io> Co-authored-by: knqyf263 <knqyf263@gmail.com>
93 lines
2.8 KiB
Plaintext
93 lines
2.8 KiB
Plaintext
{
|
|
"SchemaVersion": 2,
|
|
"CreatedAt": "2021-08-25T12:20:30.000000005Z",
|
|
"ArtifactName": "testdata/fixtures/repo/swift",
|
|
"ArtifactType": "repository",
|
|
"Metadata": {
|
|
"ImageConfig": {
|
|
"architecture": "",
|
|
"created": "0001-01-01T00:00:00Z",
|
|
"os": "",
|
|
"rootfs": {
|
|
"type": "",
|
|
"diff_ids": null
|
|
},
|
|
"config": {}
|
|
}
|
|
},
|
|
"Results": [
|
|
{
|
|
"Target": "Package.resolved",
|
|
"Class": "lang-pkgs",
|
|
"Type": "swift",
|
|
"Packages": [
|
|
{
|
|
"ID": "github.com/apple/swift-atomics@1.1.0",
|
|
"Name": "github.com/apple/swift-atomics",
|
|
"Identifier": {
|
|
"PURL": "pkg:swift/github.com/apple/swift-atomics@1.1.0"
|
|
},
|
|
"Version": "1.1.0",
|
|
"Layer": {},
|
|
"Locations": [
|
|
{
|
|
"StartLine": 4,
|
|
"EndLine": 12
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"ID": "github.com/apple/swift-nio@2.41.0",
|
|
"Name": "github.com/apple/swift-nio",
|
|
"Identifier": {
|
|
"PURL": "pkg:swift/github.com/apple/swift-nio@2.41.0"
|
|
},
|
|
"Version": "2.41.0",
|
|
"Layer": {},
|
|
"Locations": [
|
|
{
|
|
"StartLine": 13,
|
|
"EndLine": 21
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"Vulnerabilities": [
|
|
{
|
|
"VulnerabilityID": "CVE-2022-3215",
|
|
"PkgID": "github.com/apple/swift-nio@2.41.0",
|
|
"PkgName": "github.com/apple/swift-nio",
|
|
"PkgIdentifier": {
|
|
"PURL": "pkg:swift/github.com/apple/swift-nio@2.41.0"
|
|
},
|
|
"InstalledVersion": "2.41.0",
|
|
"FixedVersion": "2.29.1, 2.39.1, 2.42.0",
|
|
"Status": "fixed",
|
|
"Layer": {},
|
|
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-3215",
|
|
"Title": "SwiftNIO vulnerable to Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')",
|
|
"Description": "`NIOHTTP1` and projects using it for generating HTTP responses, including SwiftNIO, can be subject to a HTTP Response Injection attack...",
|
|
"Severity": "MEDIUM",
|
|
"VendorSeverity": {
|
|
"ghsa": 2
|
|
},
|
|
"CVSS": {
|
|
"ghsa": {
|
|
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
|
"V3Score": 5.3
|
|
}
|
|
},
|
|
"References": [
|
|
"https://github.com/apple/swift-nio/security/advisories/GHSA-7fj7-39wj-c64f",
|
|
"https://nvd.nist.gov/vuln/detail/CVE-2022-3215",
|
|
"https://github.com/apple/swift-nio/commit/a16e2f54a25b2af217044e5168997009a505930f",
|
|
"https://github.com/advisories/GHSA-7fj7-39wj-c64f"
|
|
],
|
|
"PublishedDate": "2023-06-07T16:01:53Z",
|
|
"LastModifiedDate": "2023-06-19T16:45:07Z"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|