From df23868c90b671660c4d0d628214fd678bd4d01d Mon Sep 17 00:00:00 2001
From: NeilHanlon
Date: Fri, 17 Feb 2023 13:06:26 +0000
Subject: [PATCH] deploy: 8ccce7fd31973e438889a894e0b29e70f8459500
---
index.html | 65 ++++++++++++++++++++++++++++++++-------------
trivy-results.sarif | 62 +++++++++++++++++++++++++++++++++++++++---
2 files changed, 104 insertions(+), 23 deletions(-)
diff --git a/index.html b/index.html
index 5bb2779..b9a33ee 100644
--- a/index.html
+++ b/index.html
@@ -51,7 +51,7 @@ } a.toggle-more-links { cursor: pointer; } - docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-16 13:06:30.988440764 +0000 UTC m=+0.651300861 + docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-17 13:06:25.614870608 +0000 UTC m=+1.886522334 -

docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-16 13:06:30.988477764 +0000 UTC m=+0.651337861

+

docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-17 13:06:25.614900808 +0000 UTC m=+1.886552534

@@ -111,7 +111,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/418https://linux.oracle.com/cve/CVE-2022-42010.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -142,7 +142,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/413https://linux.oracle.com/cve/CVE-2022-42011.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -173,7 +173,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/417https://linux.oracle.com/cve/CVE-2022-42012.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -204,7 +204,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/418https://linux.oracle.com/cve/CVE-2022-42010.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html 
@@ -235,7 +235,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/413https://linux.oracle.com/cve/CVE-2022-42011.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -266,7 +266,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/417https://linux.oracle.com/cve/CVE-2022-42012.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -297,7 +297,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/418https://linux.oracle.com/cve/CVE-2022-42010.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -328,7 +328,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/413https://linux.oracle.com/cve/CVE-2022-42011.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html 
@@ -359,7 +359,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/417https://linux.oracle.com/cve/CVE-2022-42012.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -390,7 +390,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/418https://linux.oracle.com/cve/CVE-2022-42010.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -421,7 +421,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/413https://linux.oracle.com/cve/CVE-2022-42011.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html @@ -452,7 +452,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012https://errata.almalinux.org/9/ALSA-2023-0335.html - https://errata.rockylinux.org/RLSA-2023:0096 + https://errata.rockylinux.org/RLSA-2023:0335https://gitlab.freedesktop.org/dbus/dbus/-/issues/417https://linux.oracle.com/cve/CVE-2022-42012.htmlhttps://linux.oracle.com/errata/ELSA-2023-0335.html 
@@ -477,7 +477,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=2140059https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680https://errata.almalinux.org/9/ALSA-2023-0337.html - https://errata.rockylinux.org/RLSA-2023:0103 + https://errata.rockylinux.org/RLSA-2023:0337https://github.com/libexpat/libexpat/issues/649https://github.com/libexpat/libexpat/pull/616https://github.com/libexpat/libexpat/pull/650 @@ -498,6 +498,33 @@ https://www.debian.org/security/2022/dsa-5266 + + + + + + + + @@ -512,7 +539,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=2140058https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848https://errata.almalinux.org/9/ALSA-2023-0343.html - https://errata.rockylinux.org/RLSA-2023:0116 + https://errata.rockylinux.org/RLSA-2023:0343https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5https://gitlab.com/gnutls/libtasn1/-/issues/32https://linux.oracle.com/cve/CVE-2021-46848.html @@ -547,7 +574,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304https://errata.almalinux.org/9/ALSA-2023-0338.html - https://errata.rockylinux.org/RLSA-2023:0173 + https://errata.rockylinux.org/RLSA-2023:0338https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3https://linux.oracle.com/cve/CVE-2022-40303.html @@ -583,7 +610,7 @@ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304https://errata.almalinux.org/9/ALSA-2023-0338.html - https://errata.rockylinux.org/RLSA-2023:0173 + https://errata.rockylinux.org/RLSA-2023:0338https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80bhttps://gitlab.gnome.org/GNOME/libxml2/-/tagshttps://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3 
@@ -614,7 +641,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=2110291https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35737https://errata.almalinux.org/9/ALSA-2023-0339.html - https://errata.rockylinux.org/RLSA-2023:0110 + https://errata.rockylinux.org/RLSA-2023:0339https://github.com/advisories/GHSA-jw36-hf63-69r9https://kb.cert.org/vuls/id/720344https://linux.oracle.com/cve/CVE-2022-35737.html diff --git a/trivy-results.sarif b/trivy-results.sarif index ac66978..711fec0 100644 --- a/trivy-results.sarif +++ b/trivy-results.sarif @@ -117,6 +117,33 @@ ] } }, + { + "id": "CVE-2022-47629", + "name": "OsPackageVulnerability", + "shortDescription": { + "text": "libksba: integer overflow to code execution" + }, + "fullDescription": { + "text": "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser." + }, + "defaultConfiguration": { + "level": "error" + }, + "helpUri": "https://avd.aquasec.com/nvd/cve-2022-47629", + "help": { + "text": "Vulnerability CVE-2022-47629\nSeverity: HIGH\nPackage: libksba\nFixed Version: 1.3.5-9.el8_7\nLink: [CVE-2022-47629](https://avd.aquasec.com/nvd/cve-2022-47629)\nLibksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.", + "markdown": "**Vulnerability CVE-2022-47629**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|libksba|1.3.5-9.el8_7|[CVE-2022-47629](https://avd.aquasec.com/nvd/cve-2022-47629)|\n\nLibksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser." + }, + "properties": { + "precision": "very-high", + "security-severity": "8.0", + "tags": [ + "vulnerability", + "security", + "HIGH" + ] + } + }, { "id": "CVE-2021-46848", "name": "OsPackageVulnerability", 
@@ -582,8 +609,35 @@ ] }, { - "ruleId": "CVE-2021-46848", + "ruleId": "CVE-2022-47629", "ruleIndex": 4, + "level": "error", + "message": { + "text": "Package: libksba\nInstalled Version: 1.3.5-8.el8_6\nVulnerability CVE-2022-47629\nSeverity: HIGH\nFixed Version: 1.3.5-9.el8_7\nLink: [CVE-2022-47629](https://avd.aquasec.com/nvd/cve-2022-47629)" + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "rockylinux/rockylinux", + "uriBaseId": "ROOTPATH" + }, + "region": { + "startLine": 1, + "startColumn": 1, + "endLine": 1, + "endColumn": 1 + } + }, + "message": { + "text": "rockylinux/rockylinux: libksba@1.3.5-8.el8_6" + } + } + ] + }, + { + "ruleId": "CVE-2021-46848", + "ruleIndex": 5, "level": "warning", "message": { "text": "Package: libtasn1\nInstalled Version: 4.13-3.el8\nVulnerability CVE-2021-46848\nSeverity: MEDIUM\nFixed Version: 4.13-4.el8_7\nLink: [CVE-2021-46848](https://avd.aquasec.com/nvd/cve-2021-46848)" @@ -610,7 +664,7 @@ }, { "ruleId": "CVE-2022-40303", - "ruleIndex": 5, + "ruleIndex": 6, "level": "warning", "message": { "text": "Package: libxml2\nInstalled Version: 2.9.7-15.el8\nVulnerability CVE-2022-40303\nSeverity: MEDIUM\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40303](https://avd.aquasec.com/nvd/cve-2022-40303)" @@ -637,7 +691,7 @@ }, { "ruleId": "CVE-2022-40304", - "ruleIndex": 6, + "ruleIndex": 7, "level": "warning", "message": { "text": "Package: libxml2\nInstalled Version: 2.9.7-15.el8\nVulnerability CVE-2022-40304\nSeverity: MEDIUM\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40304](https://avd.aquasec.com/nvd/cve-2022-40304)" @@ -664,7 +718,7 @@ }, { "ruleId": "CVE-2022-35737", - "ruleIndex": 7, + "ruleIndex": 8, "level": "warning", "message": { "text": "Package: sqlite-libs\nInstalled Version: 3.26.0-16.el8_6\nVulnerability CVE-2022-35737\nSeverity: MEDIUM\nFixed Version: 3.26.0-17.el8_7\nLink: [CVE-2022-35737](https://avd.aquasec.com/nvd/cve-2022-35737)"
rocky
libksbaCVE-2022-47629HIGH1.3.5-8.el8_61.3.5-9.el8_7
libtasn1 CVE-2021-46848