forked from wolfi-dev/advisories
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcheckov.advisories.yaml
141 lines (132 loc) · 5.53 KB
/
checkov.advisories.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
schema-version: 2.0.2
package:
name: checkov
advisories:
- id: CVE-2024-22190
aliases:
- GHSA-2mqj-m65w-jghx
events:
- timestamp: 2024-02-14T11:01:34Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: 106278fb52508a9f
componentName: GitPython
componentVersion: 3.1.40
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/GitPython-3.1.40.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/GitPython-3.1.40.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/GitPython-3.1.40.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-22195
aliases:
- GHSA-h5c8-rqwp-cp95
events:
- timestamp: 2024-02-14T11:01:35Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: 3039931a624f94cb
componentName: Jinja2
componentVersion: 3.1.2
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/Jinja2-3.1.2.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/Jinja2-3.1.2.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/Jinja2-3.1.2.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-23334
aliases:
- GHSA-5h86-8mv2-jq9f
events:
- timestamp: 2024-02-14T11:01:34Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: c01daedbcb8c778c
componentName: aiohttp
componentVersion: 3.9.1
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-23829
aliases:
- GHSA-8qpw-xqxj-h4r2
events:
- timestamp: 2024-02-14T11:01:35Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: c01daedbcb8c778c
componentName: aiohttp
componentVersion: 3.9.1
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-27306
aliases:
- GHSA-7gpw-8wmc-pm8g
events:
- timestamp: 2024-04-19T10:23:52Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: c01daedbcb8c778c
componentName: aiohttp
componentVersion: 3.9.1
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-30251
aliases:
- GHSA-5m98-qgg9-wh84
events:
- timestamp: 2024-05-04T07:09:10Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: c01daedbcb8c778c
componentName: aiohttp
componentVersion: 3.9.1
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/aiohttp-3.9.1.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-34062
aliases:
- GHSA-g7vv-2v7x-gj9p
events:
- timestamp: 2024-05-04T07:09:12Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: 4448538bf9eb7361
componentName: tqdm
componentVersion: 4.66.1
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/tqdm-4.66.1.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/tqdm-4.66.1.dist-info/RECORD, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/tqdm-4.66.1.dist-info/top_level.txt
scanner: grype
- id: CVE-2024-3651
aliases:
- GHSA-jjg7-2v4v-x38h
events:
- timestamp: 2024-04-12T08:13:32Z
type: detection
data:
type: scan/v1
data:
subpackageName: checkov
componentID: b6657da4e6ee48d8
componentName: idna
componentVersion: "3.6"
componentType: python
componentLocation: /usr/share/app/checkov/.venv/lib/python3.11/site-packages/idna-3.6.dist-info/METADATA, /usr/share/app/checkov/.venv/lib/python3.11/site-packages/idna-3.6.dist-info/RECORD
scanner: grype