forked from wolfi-dev/advisories
-
Notifications
You must be signed in to change notification settings - Fork 0
/
checkov.advisories.yaml
73 lines (68 loc) · 2.86 KB
/
checkov.advisories.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
schema-version: 2.0.2
package:
name: checkov
advisories:
- id: CVE-2024-22190
aliases:
- GHSA-2mqj-m65w-jghx
events:
- timestamp: 2024-02-14T11:01:34Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: 106278fb52508a9f
componentName: GitPython
componentVersion: 3.1.40
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/GitPython-3.1.40.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/GitPython-3.1.40.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/GitPython-3.1.40.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-22195
aliases:
- GHSA-h5c8-rqwp-cp95
events:
- timestamp: 2024-02-14T11:01:35Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: 3039931a624f94cb
componentName: Jinja2
componentVersion: 3.1.2
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/Jinja2-3.1.2.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/Jinja2-3.1.2.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/Jinja2-3.1.2.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-23334
aliases:
- GHSA-5h86-8mv2-jq9f
events:
- timestamp: 2024-02-14T11:01:34Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: c01daedbcb8c778c
componentName: aiohttp
componentVersion: 3.9.1
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-23829
aliases:
- GHSA-8qpw-xqxj-h4r2
events:
- timestamp: 2024-02-14T11:01:35Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: c01daedbcb8c778c
componentName: aiohttp
componentVersion: 3.9.1
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/top_level.txt
scanner: grype