From 238f8013149cb59151e2cb2da3685b8a0252a767 Mon Sep 17 00:00:00 2001
From: NeilHanlon <NeilHanlon@users.noreply.github.com>
Date: Sat, 15 Oct 2022 13:14:26 +0000
Subject: [PATCH] deploy: 4fcb0f39f5d145b2640ea501c1a7e1c8686bd82c

---
 index.html          | 82 +++++++++++++++++++++++++++------------------
 trivy-results.sarif | 73 ++++++++++++++++++++++++++++++++++------
 2 files changed, 112 insertions(+), 43 deletions(-)
diff --git a/index.html b/index.html
index 973b63d..f47bbd0 100644
--- a/index.html
+++ b/index.html
@@ -51,7 +51,7 @@
       }
       a.toggle-more-links { cursor: pointer; }
     </style>
-    <title>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-13 13:20:55.387445452 +0000 UTC m=+1.590399071 </title>
+    <title>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-15 13:14:25.663067142 +0000 UTC m=+1.412600978 </title>
     <script>
       window.onload = function() {
         document.querySelectorAll('td.links').forEach(function(linkCell) {
@@ -81,7 +81,7 @@
     </script>
   </head>
   <body>
-    <h1>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-13 13:20:55.387481653 +0000 UTC m=+1.590435372</h1>
+    <h1>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-15 13:14:25.663096742 +0000 UTC m=+1.412630478</h1>
     <table>
       <tr class="group-header"><th colspan="6">rocky</th></tr>
       <tr class="sub-header">
@@ -99,16 +99,15 @@
         <td class="pkg-version">7.61.1-22.el8_6.3</td>
         <td>7.61.1-22.el8_6.4</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
           <a href="https://access.redhat.com/security/cve/CVE-2022-32206">https://access.redhat.com/security/cve/CVE-2022-32206</a>
           <a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
-          <a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
           <a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
           <a href="https://curl.se/docs/CVE-2022-32206.html">https://curl.se/docs/CVE-2022-32206.html</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
           <a href="https://hackerone.com/reports/1570651">https://hackerone.com/reports/1570651</a>
           <a href="https://linux.oracle.com/cve/CVE-2022-32206.html">https://linux.oracle.com/cve/CVE-2022-32206.html</a>
           <a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
@@ -127,16 +126,15 @@
         <td class="pkg-version">7.61.1-22.el8_6.3</td>
         <td>7.61.1-22.el8_6.4</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
           <a href="https://access.redhat.com/security/cve/CVE-2022-32208">https://access.redhat.com/security/cve/CVE-2022-32208</a>
           <a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
-          <a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
           <a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
           <a href="https://curl.se/docs/CVE-2022-32208.html">https://curl.se/docs/CVE-2022-32208.html</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
           <a href="https://hackerone.com/reports/1590071">https://hackerone.com/reports/1590071</a>
           <a href="https://linux.oracle.com/cve/CVE-2022-32208.html">https://linux.oracle.com/cve/CVE-2022-32208.html</a>
           <a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
@@ -149,6 +147,34 @@
           <a href="https://www.debian.org/security/2022/dsa-5197">https://www.debian.org/security/2022/dsa-5197</a>
         </td>
       </tr>
+      <tr class="severity-CRITICAL">
+        <td class="pkg-name">expat</td>
+        <td>CVE-2022-40674</td>
+        <td class="severity">CRITICAL</td>
+        <td class="pkg-version">2.2.5-8.el8_6.2</td>
+        <td>2.2.5-8.el8_6.3</td>
+        <td class="links" data-more-links="off">
+          <a href="https://access.redhat.com/errata/RHSA-2022:6878">https://access.redhat.com/errata/RHSA-2022:6878</a>
+          <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json</a>
+          <a href="https://access.redhat.com/security/cve/CVE-2022-40674">https://access.redhat.com/security/cve/CVE-2022-40674</a>
+          <a href="https://blog.hartwork.org/posts/expat-2-4-9-released/">https://blog.hartwork.org/posts/expat-2-4-9-released/</a>
+          <a href="https://bugzilla.redhat.com/2130769">https://bugzilla.redhat.com/2130769</a>
+          <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-6878.html">https://errata.almalinux.org/8/ALSA-2022-6878.html</a>
+          <a href="https://github.com/advisories/GHSA-2vq2-xc55-3j5m">https://github.com/advisories/GHSA-2vq2-xc55-3j5m</a>
+          <a href="https://github.com/libexpat/libexpat/pull/629">https://github.com/libexpat/libexpat/pull/629</a>
+          <a href="https://github.com/libexpat/libexpat/pull/640">https://github.com/libexpat/libexpat/pull/640</a>
+          <a href="https://linux.oracle.com/cve/CVE-2022-40674.html">https://linux.oracle.com/cve/CVE-2022-40674.html</a>
+          <a href="https://linux.oracle.com/errata/ELSA-2022-6878.html">https://linux.oracle.com/errata/ELSA-2022-6878.html</a>
+          <a href="https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html">https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html</a>
+          <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/</a>
+          <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/</a>
+          <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40674">https://nvd.nist.gov/vuln/detail/CVE-2022-40674</a>
+          <a href="https://security.gentoo.org/glsa/202209-24">https://security.gentoo.org/glsa/202209-24</a>
+          <a href="https://ubuntu.com/security/notices/USN-5638-1">https://ubuntu.com/security/notices/USN-5638-1</a>
+          <a href="https://www.debian.org/security/2022/dsa-5236">https://www.debian.org/security/2022/dsa-5236</a>
+        </td>
+      </tr>
       <tr class="severity-MEDIUM">
         <td class="pkg-name">gnupg2</td>
         <td>CVE-2022-34903</td>
@@ -186,16 +212,15 @@
         <td class="pkg-version">7.61.1-22.el8_6.3</td>
         <td>7.61.1-22.el8_6.4</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
           <a href="https://access.redhat.com/security/cve/CVE-2022-32206">https://access.redhat.com/security/cve/CVE-2022-32206</a>
           <a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
-          <a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
           <a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
           <a href="https://curl.se/docs/CVE-2022-32206.html">https://curl.se/docs/CVE-2022-32206.html</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
           <a href="https://hackerone.com/reports/1570651">https://hackerone.com/reports/1570651</a>
           <a href="https://linux.oracle.com/cve/CVE-2022-32206.html">https://linux.oracle.com/cve/CVE-2022-32206.html</a>
           <a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
@@ -214,16 +239,15 @@
         <td class="pkg-version">7.61.1-22.el8_6.3</td>
         <td>7.61.1-22.el8_6.4</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
           <a href="https://access.redhat.com/security/cve/CVE-2022-32208">https://access.redhat.com/security/cve/CVE-2022-32208</a>
           <a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
-          <a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
           <a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
           <a href="https://curl.se/docs/CVE-2022-32208.html">https://curl.se/docs/CVE-2022-32208.html</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
           <a href="https://hackerone.com/reports/1590071">https://hackerone.com/reports/1590071</a>
           <a href="https://linux.oracle.com/cve/CVE-2022-32208.html">https://linux.oracle.com/cve/CVE-2022-32208.html</a>
           <a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
@@ -243,18 +267,16 @@
         <td class="pkg-version">1:1.1.1k-6.el8_5</td>
         <td>1:1.1.1k-7.el8_6</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:6224">https://access.redhat.com/errata/RHSA-2022:6224</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:5818">https://access.redhat.com/errata/RHSA-2022:5818</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json</a>
           <a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a>
           <a href="https://bugzilla.redhat.com/2081494">https://bugzilla.redhat.com/2081494</a>
-          <a href="https://bugzilla.redhat.com/2087911">https://bugzilla.redhat.com/2087911</a>
-          <a href="https://bugzilla.redhat.com/2087913">https://bugzilla.redhat.com/2087913</a>
           <a href="https://bugzilla.redhat.com/2097310">https://bugzilla.redhat.com/2097310</a>
           <a href="https://bugzilla.redhat.com/2104905">https://bugzilla.redhat.com/2104905</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-6224.html">https://errata.almalinux.org/9/ALSA-2022-6224.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-5818.html">https://errata.almalinux.org/8/ALSA-2022-5818.html</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a>
@@ -282,18 +304,16 @@
         <td class="pkg-version">1:1.1.1k-6.el8_5</td>
         <td>1:1.1.1k-7.el8_6</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:6224">https://access.redhat.com/errata/RHSA-2022:6224</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:5818">https://access.redhat.com/errata/RHSA-2022:5818</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json</a>
           <a href="https://access.redhat.com/security/cve/CVE-2022-2068">https://access.redhat.com/security/cve/CVE-2022-2068</a>
           <a href="https://bugzilla.redhat.com/2081494">https://bugzilla.redhat.com/2081494</a>
-          <a href="https://bugzilla.redhat.com/2087911">https://bugzilla.redhat.com/2087911</a>
-          <a href="https://bugzilla.redhat.com/2087913">https://bugzilla.redhat.com/2087913</a>
           <a href="https://bugzilla.redhat.com/2097310">https://bugzilla.redhat.com/2097310</a>
           <a href="https://bugzilla.redhat.com/2104905">https://bugzilla.redhat.com/2104905</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-6224.html">https://errata.almalinux.org/9/ALSA-2022-6224.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-5818.html">https://errata.almalinux.org/8/ALSA-2022-5818.html</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7</a>
@@ -316,19 +336,17 @@
         <td class="pkg-version">1:1.1.1k-6.el8_5</td>
         <td>1:1.1.1k-7.el8_6</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:6224">https://access.redhat.com/errata/RHSA-2022:6224</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:5818">https://access.redhat.com/errata/RHSA-2022:5818</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json</a>
           <a href="https://access.redhat.com/security/cve/CVE-2022-2097">https://access.redhat.com/security/cve/CVE-2022-2097</a>
           <a href="https://bugzilla.redhat.com/2081494">https://bugzilla.redhat.com/2081494</a>
-          <a href="https://bugzilla.redhat.com/2087911">https://bugzilla.redhat.com/2087911</a>
-          <a href="https://bugzilla.redhat.com/2087913">https://bugzilla.redhat.com/2087913</a>
           <a href="https://bugzilla.redhat.com/2097310">https://bugzilla.redhat.com/2097310</a>
           <a href="https://bugzilla.redhat.com/2104905">https://bugzilla.redhat.com/2104905</a>
           <a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-6224.html">https://errata.almalinux.org/9/ALSA-2022-6224.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-5818.html">https://errata.almalinux.org/8/ALSA-2022-5818.html</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431</a>
           <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93</a>
           <a href="https://linux.oracle.com/cve/CVE-2022-2097.html">https://linux.oracle.com/cve/CVE-2022-2097.html</a>
@@ -436,7 +454,7 @@
         <td class="pkg-version">2:8.0.1763-19.el8_6.2</td>
         <td>2:8.0.1763-19.el8_6.4</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:5942">https://access.redhat.com/errata/RHSA-2022:5942</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:5813">https://access.redhat.com/errata/RHSA-2022:5813</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json</a>
@@ -445,7 +463,7 @@
           <a href="https://bugzilla.redhat.com/2091682">https://bugzilla.redhat.com/2091682</a>
           <a href="https://bugzilla.redhat.com/2091687">https://bugzilla.redhat.com/2091687</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1927">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1927</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-5942.html">https://errata.almalinux.org/9/ALSA-2022-5942.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-5813.html">https://errata.almalinux.org/8/ALSA-2022-5813.html</a>
           <a href="https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010">https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010</a>
           <a href="https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 (v8.2.5037)">https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 (v8.2.5037)</a>
           <a href="https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777">https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777</a>
@@ -464,7 +482,7 @@
         <td class="pkg-version">2:8.0.1763-19.el8_6.2</td>
         <td>2:8.0.1763-19.el8_6.4</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:5942">https://access.redhat.com/errata/RHSA-2022:5942</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:5813">https://access.redhat.com/errata/RHSA-2022:5813</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json</a>
@@ -473,7 +491,7 @@
           <a href="https://bugzilla.redhat.com/2091682">https://bugzilla.redhat.com/2091682</a>
           <a href="https://bugzilla.redhat.com/2091687">https://bugzilla.redhat.com/2091687</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1785">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1785</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-5942.html">https://errata.almalinux.org/9/ALSA-2022-5942.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-5813.html">https://errata.almalinux.org/8/ALSA-2022-5813.html</a>
           <a href="https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839">https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839</a>
           <a href="https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109">https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109</a>
           <a href="https://linux.oracle.com/cve/CVE-2022-1785.html">https://linux.oracle.com/cve/CVE-2022-1785.html</a>
@@ -490,7 +508,7 @@
         <td class="pkg-version">2:8.0.1763-19.el8_6.2</td>
         <td>2:8.0.1763-19.el8_6.4</td>
         <td class="links" data-more-links="off">
-          <a href="https://access.redhat.com/errata/RHSA-2022:5942">https://access.redhat.com/errata/RHSA-2022:5942</a>
+          <a href="https://access.redhat.com/errata/RHSA-2022:5813">https://access.redhat.com/errata/RHSA-2022:5813</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json</a>
           <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json</a>
@@ -499,7 +517,7 @@
           <a href="https://bugzilla.redhat.com/2091682">https://bugzilla.redhat.com/2091682</a>
           <a href="https://bugzilla.redhat.com/2091687">https://bugzilla.redhat.com/2091687</a>
           <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1897">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1897</a>
-          <a href="https://errata.almalinux.org/9/ALSA-2022-5942.html">https://errata.almalinux.org/9/ALSA-2022-5942.html</a>
+          <a href="https://errata.almalinux.org/8/ALSA-2022-5813.html">https://errata.almalinux.org/8/ALSA-2022-5813.html</a>
           <a href="https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a">https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a</a>
           <a href="https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a (v8.2.5023)">https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a (v8.2.5023)</a>
           <a href="https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118">https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118</a>
diff --git a/trivy-results.sarif b/trivy-results.sarif
index 0600a28..73bc38c 100644
--- a/trivy-results.sarif
+++ b/trivy-results.sarif
@@ -63,6 +63,33 @@
                 ]
               }
             },
+            {
+              "id": "CVE-2022-40674",
+              "name": "OsPackageVulnerability",
+              "shortDescription": {
+                "text": "CVE-2022-40674"
+              },
+              "fullDescription": {
+                "text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c."
+              },
+              "defaultConfiguration": {
+                "level": "error"
+              },
+              "helpUri": "https://avd.aquasec.com/nvd/cve-2022-40674",
+              "help": {
+                "text": "Vulnerability CVE-2022-40674\nSeverity: CRITICAL\nPackage: expat\nFixed Version: 2.2.5-8.el8_6.3\nLink: [CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)\nlibexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.",
+                "markdown": "**Vulnerability CVE-2022-40674**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|CRITICAL|expat|2.2.5-8.el8_6.3|[CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)|\n\nlibexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c."
+              },
+              "properties": {
+                "precision": "very-high",
+                "security-severity": "9.8",
+                "tags": [
+                  "vulnerability",
+                  "security",
+                  "CRITICAL"
+                ]
+              }
+            },
             {
               "id": "CVE-2022-34903",
               "name": "OsPackageVulnerability",
@@ -360,8 +387,32 @@
           ]
         },
         {
-          "ruleId": "CVE-2022-34903",
+          "ruleId": "CVE-2022-40674",
           "ruleIndex": 2,
+          "level": "error",
+          "message": {
+            "text": "Package: expat\nInstalled Version: 2.2.5-8.el8_6.2\nVulnerability CVE-2022-40674\nSeverity: CRITICAL\nFixed Version: 2.2.5-8.el8_6.3\nLink: [CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)"
+          },
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "rockylinux/rockylinux",
+                  "uriBaseId": "ROOTPATH"
+                },
+                "region": {
+                  "startLine": 1,
+                  "startColumn": 1,
+                  "endLine": 1,
+                  "endColumn": 1
+                }
+              }
+            }
+          ]
+        },
+        {
+          "ruleId": "CVE-2022-34903",
+          "ruleIndex": 3,
           "level": "warning",
           "message": {
             "text": "Package: gnupg2\nInstalled Version: 2.2.20-2.el8\nVulnerability CVE-2022-34903\nSeverity: MEDIUM\nFixed Version: 2.2.20-3.el8_6\nLink: [CVE-2022-34903](https://avd.aquasec.com/nvd/cve-2022-34903)"
@@ -433,7 +484,7 @@
         },
         {
           "ruleId": "CVE-2022-1292",
-          "ruleIndex": 3,
+          "ruleIndex": 4,
           "level": "error",
           "message": {
             "text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-1292\nSeverity: CRITICAL\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-1292](https://avd.aquasec.com/nvd/cve-2022-1292)"
@@ -457,7 +508,7 @@
         },
         {
           "ruleId": "CVE-2022-2068",
-          "ruleIndex": 4,
+          "ruleIndex": 5,
           "level": "error",
           "message": {
             "text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-2068\nSeverity: CRITICAL\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-2068](https://avd.aquasec.com/nvd/cve-2022-2068)"
@@ -481,7 +532,7 @@
         },
         {
           "ruleId": "CVE-2022-2097",
-          "ruleIndex": 5,
+          "ruleIndex": 6,
           "level": "warning",
           "message": {
             "text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-2097\nSeverity: MEDIUM\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-2097](https://avd.aquasec.com/nvd/cve-2022-2097)"
@@ -505,7 +556,7 @@
         },
         {
           "ruleId": "CVE-2022-1586",
-          "ruleIndex": 6,
+          "ruleIndex": 7,
           "level": "error",
           "message": {
             "text": "Package: pcre2\nInstalled Version: 10.32-2.el8\nVulnerability CVE-2022-1586\nSeverity: CRITICAL\nFixed Version: 10.32-3.el8_6\nLink: [CVE-2022-1586](https://avd.aquasec.com/nvd/cve-2022-1586)"
@@ -529,7 +580,7 @@
         },
         {
           "ruleId": "CVE-2022-2526",
-          "ruleIndex": 7,
+          "ruleIndex": 8,
           "level": "error",
           "message": {
             "text": "Package: systemd\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)"
@@ -553,7 +604,7 @@
         },
         {
           "ruleId": "CVE-2022-2526",
-          "ruleIndex": 7,
+          "ruleIndex": 8,
           "level": "error",
           "message": {
             "text": "Package: systemd-libs\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)"
@@ -577,7 +628,7 @@
         },
         {
           "ruleId": "CVE-2022-2526",
-          "ruleIndex": 7,
+          "ruleIndex": 8,
           "level": "error",
           "message": {
             "text": "Package: systemd-pam\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)"
@@ -601,7 +652,7 @@
         },
         {
           "ruleId": "CVE-2022-1927",
-          "ruleIndex": 8,
+          "ruleIndex": 9,
           "level": "error",
           "message": {
             "text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1927\nSeverity: CRITICAL\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1927](https://avd.aquasec.com/nvd/cve-2022-1927)"
@@ -625,7 +676,7 @@
         },
         {
           "ruleId": "CVE-2022-1785",
-          "ruleIndex": 9,
+          "ruleIndex": 10,
           "level": "error",
           "message": {
             "text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1785\nSeverity: HIGH\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1785](https://avd.aquasec.com/nvd/cve-2022-1785)"
@@ -649,7 +700,7 @@
         },
         {
           "ruleId": "CVE-2022-1897",
-          "ruleIndex": 10,
+          "ruleIndex": 11,
           "level": "error",
           "message": {
             "text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1897\nSeverity: HIGH\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1897](https://avd.aquasec.com/nvd/cve-2022-1897)"

rocky
7.61.1-22.el8_6.3	7.61.1-22.el8_6.4	- https://access.redhat.com/errata/RHSA-2022:6157 + https://access.redhat.com/errata/RHSA-2022:6159 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json https://access.redhat.com/security/cve/CVE-2022-32206 https://bugzilla.redhat.com/2099300 - https://bugzilla.redhat.com/2099305 https://bugzilla.redhat.com/2099306 https://curl.se/docs/CVE-2022-32206.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206 - https://errata.almalinux.org/9/ALSA-2022-6157.html + https://errata.almalinux.org/8/ALSA-2022-6159.html https://hackerone.com/reports/1570651 https://linux.oracle.com/cve/CVE-2022-32206.html https://linux.oracle.com/errata/ELSA-2022-6159.html @@ -127,16 +126,15 @@	7.61.1-22.el8_6.3	7.61.1-22.el8_6.4	- https://access.redhat.com/errata/RHSA-2022:6157 + https://access.redhat.com/errata/RHSA-2022:6159 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json https://access.redhat.com/security/cve/CVE-2022-32208 https://bugzilla.redhat.com/2099300 - https://bugzilla.redhat.com/2099305 https://bugzilla.redhat.com/2099306 https://curl.se/docs/CVE-2022-32208.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208 - https://errata.almalinux.org/9/ALSA-2022-6157.html + https://errata.almalinux.org/8/ALSA-2022-6159.html https://hackerone.com/reports/1590071 https://linux.oracle.com/cve/CVE-2022-32208.html https://linux.oracle.com/errata/ELSA-2022-6159.html @@ -149,6 +147,34 @@ https://www.debian.org/security/2022/dsa-5197
expat	CVE-2022-40674	CRITICAL	2.2.5-8.el8_6.2	2.2.5-8.el8_6.3	+ https://access.redhat.com/errata/RHSA-2022:6878 + https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json + https://access.redhat.com/security/cve/CVE-2022-40674 + https://blog.hartwork.org/posts/expat-2-4-9-released/ + https://bugzilla.redhat.com/2130769 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674 + https://errata.almalinux.org/8/ALSA-2022-6878.html + https://github.com/advisories/GHSA-2vq2-xc55-3j5m + https://github.com/libexpat/libexpat/pull/629 + https://github.com/libexpat/libexpat/pull/640 + https://linux.oracle.com/cve/CVE-2022-40674.html + https://linux.oracle.com/errata/ELSA-2022-6878.html + https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html + https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/ + https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/ + https://nvd.nist.gov/vuln/detail/CVE-2022-40674 + https://security.gentoo.org/glsa/202209-24 + https://ubuntu.com/security/notices/USN-5638-1 + https://www.debian.org/security/2022/dsa-5236 +
gnupg2	CVE-2022-34903	7.61.1-22.el8_6.3	7.61.1-22.el8_6.4	- https://access.redhat.com/errata/RHSA-2022:6157 + https://access.redhat.com/errata/RHSA-2022:6159 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json https://access.redhat.com/security/cve/CVE-2022-32206 https://bugzilla.redhat.com/2099300 - https://bugzilla.redhat.com/2099305 https://bugzilla.redhat.com/2099306 https://curl.se/docs/CVE-2022-32206.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206 - https://errata.almalinux.org/9/ALSA-2022-6157.html + https://errata.almalinux.org/8/ALSA-2022-6159.html https://hackerone.com/reports/1570651 https://linux.oracle.com/cve/CVE-2022-32206.html https://linux.oracle.com/errata/ELSA-2022-6159.html @@ -214,16 +239,15 @@	7.61.1-22.el8_6.3	7.61.1-22.el8_6.4	- https://access.redhat.com/errata/RHSA-2022:6157 + https://access.redhat.com/errata/RHSA-2022:6159 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json https://access.redhat.com/security/cve/CVE-2022-32208 https://bugzilla.redhat.com/2099300 - https://bugzilla.redhat.com/2099305 https://bugzilla.redhat.com/2099306 https://curl.se/docs/CVE-2022-32208.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208 - https://errata.almalinux.org/9/ALSA-2022-6157.html + https://errata.almalinux.org/8/ALSA-2022-6159.html https://hackerone.com/reports/1590071 https://linux.oracle.com/cve/CVE-2022-32208.html https://linux.oracle.com/errata/ELSA-2022-6159.html @@ -243,18 +267,16 @@	1:1.1.1k-6.el8_5	1:1.1.1k-7.el8_6	- https://access.redhat.com/errata/RHSA-2022:6224 + https://access.redhat.com/errata/RHSA-2022:5818 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json https://access.redhat.com/security/cve/CVE-2022-1292 https://bugzilla.redhat.com/2081494 - https://bugzilla.redhat.com/2087911 - https://bugzilla.redhat.com/2087913 https://bugzilla.redhat.com/2097310 https://bugzilla.redhat.com/2104905 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292 - https://errata.almalinux.org/9/ALSA-2022-6224.html + https://errata.almalinux.org/8/ALSA-2022-5818.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 @@ -282,18 +304,16 @@	1:1.1.1k-6.el8_5	1:1.1.1k-7.el8_6	- https://access.redhat.com/errata/RHSA-2022:6224 + https://access.redhat.com/errata/RHSA-2022:5818 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json https://access.redhat.com/security/cve/CVE-2022-2068 https://bugzilla.redhat.com/2081494 - https://bugzilla.redhat.com/2087911 - https://bugzilla.redhat.com/2087913 https://bugzilla.redhat.com/2097310 https://bugzilla.redhat.com/2104905 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068 - https://errata.almalinux.org/9/ALSA-2022-6224.html + https://errata.almalinux.org/8/ALSA-2022-5818.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7 @@ -316,19 +336,17 @@	1:1.1.1k-6.el8_5	1:1.1.1k-7.el8_6	- https://access.redhat.com/errata/RHSA-2022:6224 + https://access.redhat.com/errata/RHSA-2022:5818 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json https://access.redhat.com/security/cve/CVE-2022-2097 https://bugzilla.redhat.com/2081494 - https://bugzilla.redhat.com/2087911 - https://bugzilla.redhat.com/2087913 https://bugzilla.redhat.com/2097310 https://bugzilla.redhat.com/2104905 https://crates.io/crates/openssl-src https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097 - https://errata.almalinux.org/9/ALSA-2022-6224.html + https://errata.almalinux.org/8/ALSA-2022-5818.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93 https://linux.oracle.com/cve/CVE-2022-2097.html @@ -436,7 +454,7 @@	2:8.0.1763-19.el8_6.2	2:8.0.1763-19.el8_6.4	- https://access.redhat.com/errata/RHSA-2022:5942 + https://access.redhat.com/errata/RHSA-2022:5813 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json @@ -445,7 +463,7 @@ https://bugzilla.redhat.com/2091682 https://bugzilla.redhat.com/2091687 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1927 - https://errata.almalinux.org/9/ALSA-2022-5942.html + https://errata.almalinux.org/8/ALSA-2022-5813.html https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 (v8.2.5037) https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777 @@ -464,7 +482,7 @@	2:8.0.1763-19.el8_6.2	2:8.0.1763-19.el8_6.4	- https://access.redhat.com/errata/RHSA-2022:5942 + https://access.redhat.com/errata/RHSA-2022:5813 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json @@ -473,7 +491,7 @@ https://bugzilla.redhat.com/2091682 https://bugzilla.redhat.com/2091687 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1785 - https://errata.almalinux.org/9/ALSA-2022-5942.html + https://errata.almalinux.org/8/ALSA-2022-5813.html https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839 https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109 https://linux.oracle.com/cve/CVE-2022-1785.html @@ -490,7 +508,7 @@	2:8.0.1763-19.el8_6.2	2:8.0.1763-19.el8_6.4	- https://access.redhat.com/errata/RHSA-2022:5942 + https://access.redhat.com/errata/RHSA-2022:5813 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json @@ -499,7 +517,7 @@ https://bugzilla.redhat.com/2091682 https://bugzilla.redhat.com/2091687 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1897 - https://errata.almalinux.org/9/ALSA-2022-5942.html + https://errata.almalinux.org/8/ALSA-2022-5813.html https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a (v8.2.5023) https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118 diff --git a/trivy-results.sarif b/trivy-results.sarif index 0600a28..73bc38c 100644 --- a/trivy-results.sarif +++ b/trivy-results.sarif @@ -63,6 +63,33 @@ ] } }, + { + "id": "CVE-2022-40674", + "name": "OsPackageVulnerability", + "shortDescription": { + "text": "CVE-2022-40674" + }, + "fullDescription": { + "text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c." + }, + "defaultConfiguration": { + "level": "error" + }, + "helpUri": "https://avd.aquasec.com/nvd/cve-2022-40674", + "help": { + "text": "Vulnerability CVE-2022-40674\nSeverity: CRITICAL\nPackage: expat\nFixed Version: 2.2.5-8.el8_6.3\nLink: [CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)\nlibexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.", + "markdown": "Vulnerability CVE-2022-40674\n\| Severity \| Package \| Fixed Version \| Link \|\n\| --- \| --- \| --- \| --- \|\n\|CRITICAL\|expat\|2.2.5-8.el8_6.3\|[CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)\|\n\nlibexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c." + }, + "properties": { + "precision": "very-high", + "security-severity": "9.8", + "tags": [ + "vulnerability", + "security", + "CRITICAL" + ] + } + }, { "id": "CVE-2022-34903", "name": "OsPackageVulnerability", @@ -360,8 +387,32 @@ ] }, { - "ruleId": "CVE-2022-34903", + "ruleId": "CVE-2022-40674", "ruleIndex": 2, + "level": "error", + "message": { + "text": "Package: expat\nInstalled Version: 2.2.5-8.el8_6.2\nVulnerability CVE-2022-40674\nSeverity: CRITICAL\nFixed Version: 2.2.5-8.el8_6.3\nLink: [CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)" + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "rockylinux/rockylinux", + "uriBaseId": "ROOTPATH" + }, + "region": { + "startLine": 1, + "startColumn": 1, + "endLine": 1, + "endColumn": 1 + } + } + } + ] + }, + { + "ruleId": "CVE-2022-34903", + "ruleIndex": 3, "level": "warning", "message": { "text": "Package: gnupg2\nInstalled Version: 2.2.20-2.el8\nVulnerability CVE-2022-34903\nSeverity: MEDIUM\nFixed Version: 2.2.20-3.el8_6\nLink: [CVE-2022-34903](https://avd.aquasec.com/nvd/cve-2022-34903)" @@ -433,7 +484,7 @@ }, { "ruleId": "CVE-2022-1292", - "ruleIndex": 3, + "ruleIndex": 4, "level": "error", "message": { "text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-1292\nSeverity: CRITICAL\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-1292](https://avd.aquasec.com/nvd/cve-2022-1292)" @@ -457,7 +508,7 @@ }, { "ruleId": "CVE-2022-2068", - "ruleIndex": 4, + "ruleIndex": 5, "level": "error", "message": { "text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-2068\nSeverity: CRITICAL\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-2068](https://avd.aquasec.com/nvd/cve-2022-2068)" @@ -481,7 +532,7 @@ }, { "ruleId": "CVE-2022-2097", - "ruleIndex": 5, + "ruleIndex": 6, "level": "warning", "message": { "text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-2097\nSeverity: MEDIUM\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-2097](https://avd.aquasec.com/nvd/cve-2022-2097)" @@ -505,7 +556,7 @@ }, { "ruleId": "CVE-2022-1586", - "ruleIndex": 6, + "ruleIndex": 7, "level": "error", "message": { "text": "Package: pcre2\nInstalled Version: 10.32-2.el8\nVulnerability CVE-2022-1586\nSeverity: CRITICAL\nFixed Version: 10.32-3.el8_6\nLink: [CVE-2022-1586](https://avd.aquasec.com/nvd/cve-2022-1586)" @@ -529,7 +580,7 @@ }, { "ruleId": "CVE-2022-2526", - "ruleIndex": 7, + "ruleIndex": 8, "level": "error", "message": { "text": "Package: systemd\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)" @@ -553,7 +604,7 @@ }, { "ruleId": "CVE-2022-2526", - "ruleIndex": 7, + "ruleIndex": 8, "level": "error", "message": { "text": "Package: systemd-libs\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)" @@ -577,7 +628,7 @@ }, { "ruleId": "CVE-2022-2526", - "ruleIndex": 7, + "ruleIndex": 8, "level": "error", "message": { "text": "Package: systemd-pam\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)" @@ -601,7 +652,7 @@ }, { "ruleId": "CVE-2022-1927", - "ruleIndex": 8, + "ruleIndex": 9, "level": "error", "message": { "text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1927\nSeverity: CRITICAL\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1927](https://avd.aquasec.com/nvd/cve-2022-1927)" @@ -625,7 +676,7 @@ }, { "ruleId": "CVE-2022-1785", - "ruleIndex": 9, + "ruleIndex": 10, "level": "error", "message": { "text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1785\nSeverity: HIGH\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1785](https://avd.aquasec.com/nvd/cve-2022-1785)" @@ -649,7 +700,7 @@ }, { "ruleId": "CVE-2022-1897", - "ruleIndex": 10, + "ruleIndex": 11, "level": "error", "message": { "text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1897\nSeverity: HIGH\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1897](https://avd.aquasec.com/nvd/cve-2022-1897)"