gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
d19c7d9f292759848aa77109357b405a64716c78
trivy/integration/testdata/composer.lock.json.golden
Teppei Fukuda d19c7d9f29 feat(repo): support local repositories (#4890) 
* feat(repo): support local repositories

* fix tests

* test: fix client/server tests

* docs: update

* test: add fs tests

* test: do not update golden files if overridden

* docs: remove a comment about fs deprecation
2023-07-31 11:27:36 +00:00

97 lines
2.7 KiB
Plaintext
Raw Blame History

{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/repo/composer",
"ArtifactType": "repository",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "composer.lock",
"Class": "lang-pkgs",
"Type": "composer",
"Packages": [
{
"ID": "guzzlehttp/guzzle@7.4.4",
"Name": "guzzlehttp/guzzle",
"Version": "7.4.4",
"Licenses": [
"MIT"
],
"DependsOn": [
"guzzlehttp/psr7@1.8.3"
],
"Layer": {},
"Locations": [
{
"StartLine": 9,
"EndLine": 129
}
]
},
{
"ID": "guzzlehttp/psr7@1.8.3",
"Name": "guzzlehttp/psr7",
"Version": "1.8.3",
"Licenses": [
"MIT"
],
"Indirect": true,
"Layer": {},
"Locations": [
{
"StartLine": 130,
"EndLine": 245
}
]
}
],
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2022-24775",
"PkgID": "guzzlehttp/psr7@1.8.3",
"PkgName": "guzzlehttp/psr7",
"InstalledVersion": "1.8.3",
"FixedVersion": "1.8.4",
"Status": "fixed",
"Layer": {},
"SeveritySource": "ghsa",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-24775",
"DataSource": {
"ID": "ghsa",
"Name": "GitHub Security Advisory Composer",
"URL": "https://github.com/advisories?query=type%%3Areviewed+ecosystem%%3Acomposer"
},
"Title": "Improper Input Validation in guzzlehttp/psr7",
"Description": "### Impact\nIn proper header parsing. An attacker could sneak in a new line character and pass untrusted values. \n\n### Patches\nThe issue is patched in 1.8.4 and 2.1.1.\n\n### Workarounds\nThere are no known workarounds.\n",
"Severity": "HIGH",
"CweIDs": [
"CWE-20"
],
"CVSS": {
"ghsa": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"V3Score": 7.5
}
},
"References": [
"https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96",
"https://nvd.nist.gov/vuln/detail/CVE-2022-24775"
],
"PublishedDate": "2022-03-25T19:26:33Z",
"LastModifiedDate": "2022-06-14T20:02:29Z"
}
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink