diff --git a/index.html b/index.html
index 379a978..eaefad3 100644
--- a/index.html
+++ b/index.html
@@ -51,7 +51,7 @@
       }
       a.toggle-more-links { cursor: pointer; }
     </style>
-    <title>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2022-12-27 13:04:52.006531364 +0000 UTC m=+1.358517910 </title>
+    <title>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2022-12-28 13:04:34.796318349 +0000 UTC m=+1.045279135 </title>
     <script>
       window.onload = function() {
         document.querySelectorAll('td.links').forEach(function(linkCell) {
@@ -81,11 +81,39 @@
     </script>
   </head>
   <body>
-    <h1>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2022-12-27 13:04:52.006561564 +0000 UTC m=+1.358548110</h1>
+    <h1>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2022-12-28 13:04:34.79634655 +0000 UTC m=+1.045307336</h1>
     <table>
       <tr class="group-header"><th colspan="6">rocky</th></tr>
       <tr><th colspan="6">No Vulnerabilities found</th></tr>
       <tr><th colspan="6">No Misconfigurations found</th></tr>
+      <tr class="group-header"><th colspan="6">python-pkg</th></tr>
+      <tr class="sub-header">
+        <th>Package</th>
+        <th>Vulnerability ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+        <th>Links</th>
+      </tr>
+      <tr class="severity-HIGH">
+        <td class="pkg-name">setuptools</td>
+        <td>CVE-2022-40897</td>
+        <td class="severity">HIGH</td>
+        <td class="pkg-version">39.2.0</td>
+        <td>65.5.1</td>
+        <td class="links" data-more-links="off">
+          <a href="https://github.com/advisories/GHSA-r9hx-vwmv-q579">https://github.com/advisories/GHSA-r9hx-vwmv-q579</a>
+          <a href="https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200">https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200</a>
+          <a href="https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be">https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be</a>
+          <a href="https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1">https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1</a>
+          <a href="https://github.com/pypa/setuptools/issues/3659">https://github.com/pypa/setuptools/issues/3659</a>
+          <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40897">https://nvd.nist.gov/vuln/detail/CVE-2022-40897</a>
+          <a href="https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/">https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/</a>
+          <a href="https://pyup.io/vulnerabilities/CVE-2022-40897/52495/">https://pyup.io/vulnerabilities/CVE-2022-40897/52495/</a>
+          <a href="https://setuptools.pypa.io/en/latest/">https://setuptools.pypa.io/en/latest/</a>
+        </td>
+      </tr>
+      <tr><th colspan="6">No Misconfigurations found</th></tr>
     </table>
   </body>
 </html>
diff --git a/trivy-results.sarif b/trivy-results.sarif
index 73b78f2..2b0795a 100644
--- a/trivy-results.sarif
+++ b/trivy-results.sarif
@@ -8,11 +8,67 @@
           "fullName": "Trivy Vulnerability Scanner",
           "informationUri": "https://github.com/aquasecurity/trivy",
           "name": "Trivy",
-          "rules": [],
+          "rules": [
+            {
+              "id": "CVE-2022-40897",
+              "name": "LanguageSpecificPackageVulnerability",
+              "shortDescription": {
+                "text": "pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)"
+              },
+              "fullDescription": {
+                "text": "Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py."
+              },
+              "defaultConfiguration": {
+                "level": "error"
+              },
+              "helpUri": "https://avd.aquasec.com/nvd/cve-2022-40897",
+              "help": {
+                "text": "Vulnerability CVE-2022-40897\nSeverity: HIGH\nPackage: setuptools\nFixed Version: 65.5.1\nLink: [CVE-2022-40897](https://avd.aquasec.com/nvd/cve-2022-40897)\nPython Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.",
+                "markdown": "**Vulnerability CVE-2022-40897**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|setuptools|65.5.1|[CVE-2022-40897](https://avd.aquasec.com/nvd/cve-2022-40897)|\n\nPython Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py."
+              },
+              "properties": {
+                "precision": "very-high",
+                "security-severity": "7.5",
+                "tags": [
+                  "vulnerability",
+                  "security",
+                  "HIGH"
+                ]
+              }
+            }
+          ],
           "version": "0.34.0"
         }
       },
-      "results": [],
+      "results": [
+        {
+          "ruleId": "CVE-2022-40897",
+          "ruleIndex": 0,
+          "level": "error",
+          "message": {
+            "text": "Package: setuptools\nInstalled Version: 39.2.0\nVulnerability CVE-2022-40897\nSeverity: HIGH\nFixed Version: 65.5.1\nLink: [CVE-2022-40897](https://avd.aquasec.com/nvd/cve-2022-40897)"
+          },
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "usr/lib/python3.6/site-packages/setuptools-39.2.0.dist-info/METADATA",
+                  "uriBaseId": "ROOTPATH"
+                },
+                "region": {
+                  "startLine": 1,
+                  "startColumn": 1,
+                  "endLine": 1,
+                  "endColumn": 1
+                }
+              },
+              "message": {
+                "text": "usr/lib/python3.6/site-packages/setuptools-39.2.0.dist-info/METADATA: setuptools@39.2.0"
+              }
+            }
+          ]
+        }
+      ],
       "columnKind": "utf16CodeUnits",
       "originalUriBaseIds": {
         "ROOTPATH": {

rocky
No Vulnerabilities found
No Misconfigurations found
python-pkg
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
setuptools	CVE-2022-40897	HIGH	39.2.0	65.5.1	+ https://github.com/advisories/GHSA-r9hx-vwmv-q579 + https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200 + https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be + https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1 + https://github.com/pypa/setuptools/issues/3659 + https://nvd.nist.gov/vuln/detail/CVE-2022-40897 + https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ + https://pyup.io/vulnerabilities/CVE-2022-40897/52495/ + https://setuptools.pypa.io/en/latest/ +
No Misconfigurations found