diff --git a/integration/testdata/almalinux-8.json.golden b/integration/testdata/almalinux-8.json.golden index c9d4dfc4fb..4501e8f09f 100644 --- a/integration/testdata/almalinux-8.json.golden +++ b/integration/testdata/almalinux-8.json.golden @@ -61,6 +61,10 @@ }, "SeveritySource": "alma", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3712", + "DataSource": { + "Name": "AlmaLinux Product Errata", + "URL": "https://errata.almalinux.org/" + }, "Title": "openssl: Read buffer overruns processing ASN.1 strings", "Description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", "Severity": "MEDIUM", diff --git a/integration/testdata/alpine-310-registry.json.golden b/integration/testdata/alpine-310-registry.json.golden index db0e818f3b..3cc089fdec 100644 --- a/integration/testdata/alpine-310-registry.json.golden +++ b/integration/testdata/alpine-310-registry.json.golden @@ -70,6 +70,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1549", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: information disclosure in fork()", "Description": "OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).", "Severity": "MEDIUM", @@ -123,6 +127,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -186,6 +194,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1549", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: information disclosure in fork()", "Description": "OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).", "Severity": "MEDIUM", @@ -239,6 +251,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", diff --git a/integration/testdata/alpine-310.json.golden b/integration/testdata/alpine-310.json.golden index 663cdd36bd..b17d83c17d 100644 --- a/integration/testdata/alpine-310.json.golden +++ b/integration/testdata/alpine-310.json.golden @@ -63,6 +63,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1549", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: information disclosure in fork()", "Description": "OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).", "Severity": "MEDIUM", @@ -115,6 +119,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -177,6 +185,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1549", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: information disclosure in fork()", "Description": "OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).", "Severity": "MEDIUM", @@ -229,6 +241,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", diff --git a/integration/testdata/alpine-39-high-critical.json.golden b/integration/testdata/alpine-39-high-critical.json.golden index 9b19c24d45..9a2b279b9d 100644 --- a/integration/testdata/alpine-39-high-critical.json.golden +++ b/integration/testdata/alpine-39-high-critical.json.golden @@ -63,6 +63,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-14697", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Description": "musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.", "Severity": "CRITICAL", "CweIDs": [ @@ -94,6 +98,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-14697", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Description": "musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.", "Severity": "CRITICAL", "CweIDs": [ diff --git a/integration/testdata/alpine-39-ignore-cveids.json.golden b/integration/testdata/alpine-39-ignore-cveids.json.golden index daa364b144..d7c3ac2a9b 100644 --- a/integration/testdata/alpine-39-ignore-cveids.json.golden +++ b/integration/testdata/alpine-39-ignore-cveids.json.golden @@ -63,6 +63,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -125,6 +129,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", diff --git a/integration/testdata/alpine-39.json.golden b/integration/testdata/alpine-39.json.golden index e7e8033ace..d00123c01e 100644 --- a/integration/testdata/alpine-39.json.golden +++ b/integration/testdata/alpine-39.json.golden @@ -63,6 +63,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1549", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: information disclosure in fork()", "Description": "OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).", "Severity": "MEDIUM", @@ -115,6 +119,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -177,6 +185,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1549", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: information disclosure in fork()", "Description": "OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).", "Severity": "MEDIUM", @@ -229,6 +241,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -291,6 +307,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-14697", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Description": "musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.", "Severity": "CRITICAL", "CweIDs": [ @@ -322,6 +342,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-14697", + "DataSource": { + "Name": "Alpine Secdb", + "URL": "https://secdb.alpinelinux.org/" + }, "Description": "musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.", "Severity": "CRITICAL", "CweIDs": [ diff --git a/integration/testdata/amazon-1.json.golden b/integration/testdata/amazon-1.json.golden index 549edb6b2c..2269364cdb 100644 --- a/integration/testdata/amazon-1.json.golden +++ b/integration/testdata/amazon-1.json.golden @@ -62,6 +62,10 @@ }, "SeveritySource": "amazon", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5481", + "DataSource": { + "Name": "Amazon Linux Security Center", + "URL": "https://alas.aws.amazon.com/" + }, "Title": "curl: double free due to subsequent call of realloc()", "Description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.", "Severity": "MEDIUM", diff --git a/integration/testdata/amazon-2.json.golden b/integration/testdata/amazon-2.json.golden index 2f9b8501ca..0be581a16e 100644 --- a/integration/testdata/amazon-2.json.golden +++ b/integration/testdata/amazon-2.json.golden @@ -62,6 +62,10 @@ }, "SeveritySource": "amazon", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5481", + "DataSource": { + "Name": "Amazon Linux Security Center", + "URL": "https://alas.aws.amazon.com/" + }, "Title": "curl: double free due to subsequent call of realloc()", "Description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.", "Severity": "MEDIUM", @@ -112,6 +116,10 @@ }, "SeveritySource": "amazon", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5436", + "DataSource": { + "Name": "Amazon Linux Security Center", + "URL": "https://alas.aws.amazon.com/" + }, "Title": "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", "Description": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", "Severity": "LOW", diff --git a/integration/testdata/busybox-with-lockfile.json.golden b/integration/testdata/busybox-with-lockfile.json.golden index 28f06d284a..47e323237d 100644 --- a/integration/testdata/busybox-with-lockfile.json.golden +++ b/integration/testdata/busybox-with-lockfile.json.golden @@ -62,6 +62,10 @@ "DiffID": "sha256:ea6f6933da66090da8bfe233d68f083792a68f944cd2d8f9fbb52da795813a4f" }, "PrimaryURL": "https://osv.dev/vulnerability/RUSTSEC-2019-0001", + "DataSource": { + "Name": "RustSec Advisory Database", + "URL": "https://github.com/RustSec/advisory-db" + }, "Title": "Uncontrolled recursion leads to abort in HTML serialization", "Description": "Affected versions of this crate did use recursion for serialization of HTML\nDOM trees.\n\nThis allows an attacker to cause abort due to stack overflow by providing\na pathologically nested input.\n\nThe flaw was corrected by serializing the DOM tree iteratively instead.", "Severity": "UNKNOWN", @@ -78,6 +82,10 @@ "DiffID": "sha256:ea6f6933da66090da8bfe233d68f083792a68f944cd2d8f9fbb52da795813a4f" }, "PrimaryURL": "https://osv.dev/vulnerability/RUSTSEC-2021-0074", + "DataSource": { + "Name": "RustSec Advisory Database", + "URL": "https://github.com/RustSec/advisory-db" + }, "Title": "Incorrect handling of embedded SVG and MathML leads to mutation XSS", "Description": "Affected versions of this crate did not account for namespace-related parsing\ndifferences between HTML, SVG, and MathML. Even if the `svg` and `math` elements\nare not allowed, the underlying HTML parser still treats them differently.\nRunning cleanup without accounting for these differing namespaces resulted in an \"impossible\"\nDOM, which appeared \"safe\" when examining the DOM tree, but when serialized and deserialized,\ncould be exploited to inject abitrary markup.\n\nTo exploit this, the application using this library must allow a tag that is parsed as raw text in HTML.\nThese [elements] are:\n\n* title\n* textarea\n* xmp\n* iframe\n* noembed\n* noframes\n* plaintext\n* noscript\n* style\n* script\n\nApplications that do not explicitly allow any of these tags should not be affected, since none are allowed by default.\n\n[elements]: https://github.com/servo/html5ever/blob/57eb334c0ffccc6f88d563419f0fbeef6ff5741c/html5ever/src/tree_builder/rules.rs", "Severity": "UNKNOWN", diff --git a/integration/testdata/debian-buster-ignore-unfixed.json.golden b/integration/testdata/debian-buster-ignore-unfixed.json.golden index 6fd4bd671a..2c9c3f3f0f 100644 --- a/integration/testdata/debian-buster-ignore-unfixed.json.golden +++ b/integration/testdata/debian-buster-ignore-unfixed.json.golden @@ -65,6 +65,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18224", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c", "Description": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.", "Severity": "CRITICAL", diff --git a/integration/testdata/debian-buster.json.golden b/integration/testdata/debian-buster.json.golden index 7b4df8ff86..9307800850 100644 --- a/integration/testdata/debian-buster.json.golden +++ b/integration/testdata/debian-buster.json.golden @@ -61,6 +61,10 @@ }, "SeveritySource": "debian", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18276", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "bash: when effective UID is not equal to its real UID the saved UID is not dropped", "Description": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.", "Severity": "LOW", @@ -107,6 +111,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18224", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c", "Description": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.", "Severity": "CRITICAL", diff --git a/integration/testdata/debian-stretch.json.golden b/integration/testdata/debian-stretch.json.golden index e5de0c3862..9e0e2c3e44 100644 --- a/integration/testdata/debian-stretch.json.golden +++ b/integration/testdata/debian-stretch.json.golden @@ -61,6 +61,10 @@ }, "SeveritySource": "debian", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18276", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "bash: when effective UID is not equal to its real UID the saved UID is not dropped", "Description": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.", "Severity": "LOW", @@ -107,6 +111,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -158,6 +166,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -209,6 +221,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -260,6 +276,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", diff --git a/integration/testdata/distroless-base.json.golden b/integration/testdata/distroless-base.json.golden index 67362e83b0..8494f46df2 100644 --- a/integration/testdata/distroless-base.json.golden +++ b/integration/testdata/distroless-base.json.golden @@ -59,6 +59,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -124,6 +128,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1563", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey", "Description": "In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", "Severity": "LOW", @@ -193,6 +201,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -258,6 +270,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1563", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey", "Description": "In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", "Severity": "LOW", diff --git a/integration/testdata/distroless-python27.json.golden b/integration/testdata/distroless-python27.json.golden index 7d58cd4760..fac0a16ba1 100644 --- a/integration/testdata/distroless-python27.json.golden +++ b/integration/testdata/distroless-python27.json.golden @@ -76,6 +76,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -141,6 +145,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1563", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey", "Description": "In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", "Severity": "LOW", @@ -210,6 +218,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1551", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "Severity": "MEDIUM", @@ -275,6 +287,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-1563", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey", "Description": "In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", "Severity": "LOW", diff --git a/integration/testdata/fixtures/db/data-source.yaml b/integration/testdata/fixtures/db/data-source.yaml new file mode 100644 index 0000000000..84e6a85d4b --- /dev/null +++ b/integration/testdata/fixtures/db/data-source.yaml @@ -0,0 +1,382 @@ +- bucket: data-source + pairs: + - key: GitHub Security Advisory Composer + value: + Name: "GitHub Security Advisory Composer" + URL: "https://github.com/advisories?query=type%%3Areviewed+ecosystem%%3Acomposer" + - key: GitHub Security Advisory Maven + value: + Name: "GitHub Security Advisory Maven" + URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Amaven" + - key: GitHub Security Advisory Npm + value: + Name: "GitHub Security Advisory Npm" + URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" + - key: GitHub Security Advisory Nuget + value: + Name: "GitHub Security Advisory Nuget" + URL: "https://github.com/advisories?query=type%%3Areviewed+ecosystem%%3Anuget" + - key: GitHub Security Advisory Pip + value: + Name: "GitHub Security Advisory Pip" + URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" + - key: GitHub Security Advisory RubyGems + value: + Name: "GitHub Security Advisory RubyGems" + URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arubygems" + - key: Oracle Linux 5 + value: + Name: "Oracle Linux OVAL definitions" + URL: "https://linux.oracle.com/security/oval/" + - key: Oracle Linux 6 + value: + Name: "Oracle Linux OVAL definitions" + URL: "https://linux.oracle.com/security/oval/" + - key: Oracle Linux 7 + value: + Name: "Oracle Linux OVAL definitions" + URL: "https://linux.oracle.com/security/oval/" + - key: Oracle Linux 8 + value: + Name: "Oracle Linux OVAL definitions" + URL: "https://linux.oracle.com/security/oval/" + - key: Photon OS 1.0 + value: + Name: "Photon OS CVE metadata" + URL: "https://packages.vmware.com/photon/photon_cve_metadata/" + - key: Photon OS 2.0 + value: + Name: "Photon OS CVE metadata" + URL: "https://packages.vmware.com/photon/photon_cve_metadata/" + - key: Photon OS 3.0 + value: + Name: "Photon OS CVE metadata" + URL: "https://packages.vmware.com/photon/photon_cve_metadata/" + - key: Photon OS 4.0 + value: + Name: "Photon OS CVE metadata" + URL: "https://packages.vmware.com/photon/photon_cve_metadata/" + - key: SUSE Linux Enterprise 11 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 11-PUBCLOUD + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 11.1 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 11.2 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 11.3 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 11.4 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 12 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 12.1 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 12.2 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 12.3 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 12.4 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 12.5 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 15 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 15-ESPOS + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 15.1 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 15.2 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 15.3 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 15.4 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 5.0 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 5.1 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: alma 8 + value: + Name: "AlmaLinux Product Errata" + URL: "https://errata.almalinux.org/" + - key: alpine 3.10 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.11 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.12 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.13 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.14 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.15 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.2 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.3 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.4 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.5 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.6 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.7 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.8 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: alpine 3.9 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" + - key: amazon linux 1 + value: + Name: "Amazon Linux Security Center" + URL: "https://alas.aws.amazon.com/" + - key: amazon linux 2 + value: + Name: "Amazon Linux Security Center" + URL: "https://alas.aws.amazon.com/" + - key: archlinux + value: + Name: "Arch Linux Vulnerable issues" + URL: "https://security.archlinux.org/" + - key: cargo::Open Source Vulnerability + value: + Name: "RustSec Advisory Database" + URL: "https://github.com/RustSec/advisory-db" + - key: debian 10 + value: + Name: "Debian Security Tracker" + URL: "https://salsa.debian.org/security-tracker-team/security-tracker" + - key: debian 11 + value: + Name: "Debian Security Tracker" + URL: "https://salsa.debian.org/security-tracker-team/security-tracker" + - key: debian 12 + value: + Name: "Debian Security Tracker" + URL: "https://salsa.debian.org/security-tracker-team/security-tracker" + - key: debian 7 + value: + Name: "Debian Security Tracker" + URL: "https://salsa.debian.org/security-tracker-team/security-tracker" + - key: debian 8 + value: + Name: "Debian Security Tracker" + URL: "https://salsa.debian.org/security-tracker-team/security-tracker" + - key: debian 9 + value: + Name: "Debian Security Tracker" + URL: "https://salsa.debian.org/security-tracker-team/security-tracker" + - key: go::GitLab Advisory Database Community + value: + Name: "GitLab Advisory Database Community" + URL: "https://gitlab.com/gitlab-org/advisories-community" + - key: go::The Go Vulnerability Database + value: + Name: "The Go Vulnerability Database" + URL: "https://github.com/golang/vulndb" + - key: maven::GitLab Advisory Database Community + value: + Name: "GitLab Advisory Database Community" + URL: "https://gitlab.com/gitlab-org/advisories-community" + - key: nodejs-security-wg + value: + Name: "Node.js Ecosystem Security Working Group" + URL: "https://github.com/nodejs/security-wg" + - key: openSUSE Leap 15.0 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: openSUSE Leap 15.1 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: openSUSE Leap 15.2 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: openSUSE Leap 15.3 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: openSUSE Leap 15.4 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: openSUSE Leap 42.1 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: openSUSE Leap 42.2 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: openSUSE Leap 42.3 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: php-security-advisories + value: + Name: "PHP Security Advisories Database" + URL: "https://github.com/FriendsOfPHP/security-advisories" + - key: pip::Open Source Vulnerability + value: + Name: "Python Packaging Advisory Database" + URL: "https://github.com/pypa/advisory-db" + - key: rocky 8 + value: + Name: "Rocky Linux updateinfo" + URL: "https://download.rockylinux.org/pub/rocky/" + - key: ruby-advisory-db + value: + Name: "Ruby Advisory Database" + URL: "https://github.com/rubysec/ruby-advisory-db" + - key: ubuntu 12.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 12.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 13.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 13.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 14.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 14.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 15.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 15.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 16.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 16.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 17.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 17.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 18.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 18.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 19.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 19.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 20.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 20.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 21.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 21.10 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" \ No newline at end of file diff --git a/integration/testdata/fluentd-gems.json.golden b/integration/testdata/fluentd-gems.json.golden index d7f146593f..2afa048f46 100644 --- a/integration/testdata/fluentd-gems.json.golden +++ b/integration/testdata/fluentd-gems.json.golden @@ -118,6 +118,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18224", + "DataSource": { + "Name": "Debian Security Tracker", + "URL": "https://salsa.debian.org/security-tracker-team/security-tracker" + }, "Title": "libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c", "Description": "idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.", "Severity": "CRITICAL", @@ -172,6 +176,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-8165", + "DataSource": { + "Name": "GitHub Security Advisory RubyGems", + "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arubygems" + }, "Title": "rubygem-activesupport: potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore", "Description": "A deserialization of untrusted data vulnernerability exists in rails \u003c 5.2.4.3, rails \u003c 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.", "Severity": "CRITICAL", diff --git a/integration/testdata/nodejs.json.golden b/integration/testdata/nodejs.json.golden index 3b06bc2a11..36ff46bcc7 100644 --- a/integration/testdata/nodejs.json.golden +++ b/integration/testdata/nodejs.json.golden @@ -28,6 +28,10 @@ "Layer": {}, "SeveritySource": "nodejs-security-wg", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-11358", + "DataSource": { + "Name": "GitHub Security Advisory Npm", + "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" + }, "Title": "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", "Description": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.", "Severity": "MEDIUM", @@ -137,6 +141,10 @@ "Layer": {}, "SeveritySource": "ghsa-npm", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-10744", + "DataSource": { + "Name": "GitHub Security Advisory Npm", + "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" + }, "Title": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties", "Description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", "Severity": "CRITICAL", diff --git a/integration/testdata/opensuse-leap-151.json.golden b/integration/testdata/opensuse-leap-151.json.golden index 591b70c88a..20d8491d4a 100644 --- a/integration/testdata/opensuse-leap-151.json.golden +++ b/integration/testdata/opensuse-leap-151.json.golden @@ -68,6 +68,10 @@ "Layer": { "DiffID": "sha256:f7f9ae80878a1c56d8f9ca977a5d844168f7afc0c1429feef9366e713eac06ff" }, + "DataSource": { + "Name": "SUSE CVRF", + "URL": "https://ftp.suse.com/pub/projects/security/cvrf/" + }, "Title": "Security update for openssl-1_1", "Description": "This update for openssl-1_1 fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809). \n\nVarious FIPS related improvements were done:\n\n- FIPS: Backport SSH KDF to openssl (jsc#SLE-8789, bsc#1157775).\n- Port FIPS patches from SLE-12 (bsc#1158101).\n- Use SHA-2 in the RSA pairwise consistency check (bsc#1155346).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "Severity": "MEDIUM", @@ -84,6 +88,10 @@ "Layer": { "DiffID": "sha256:f7f9ae80878a1c56d8f9ca977a5d844168f7afc0c1429feef9366e713eac06ff" }, + "DataSource": { + "Name": "SUSE CVRF", + "URL": "https://ftp.suse.com/pub/projects/security/cvrf/" + }, "Title": "Security update for openssl-1_1", "Description": "This update for openssl-1_1 fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809). \n\nVarious FIPS related improvements were done:\n\n- FIPS: Backport SSH KDF to openssl (jsc#SLE-8789, bsc#1157775).\n- Port FIPS patches from SLE-12 (bsc#1158101).\n- Use SHA-2 in the RSA pairwise consistency check (bsc#1155346).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "Severity": "MEDIUM", diff --git a/integration/testdata/oraclelinux-8-slim.json.golden b/integration/testdata/oraclelinux-8-slim.json.golden index fd2cab0205..e8f828a349 100644 --- a/integration/testdata/oraclelinux-8-slim.json.golden +++ b/integration/testdata/oraclelinux-8-slim.json.golden @@ -71,6 +71,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-3823", + "DataSource": { + "Name": "Oracle Linux OVAL definitions", + "URL": "https://linux.oracle.com/security/oval/" + }, "Title": "curl: SMTP end-of-response out-of-bounds read", "Description": "libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.", "Severity": "HIGH", @@ -120,6 +124,10 @@ }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5436", + "DataSource": { + "Name": "Oracle Linux OVAL definitions", + "URL": "https://linux.oracle.com/security/oval/" + }, "Title": "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", "Description": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", "Severity": "HIGH", diff --git a/integration/testdata/photon-30.json.golden b/integration/testdata/photon-30.json.golden index 00f0e7cd60..5ee3e18f99 100644 --- a/integration/testdata/photon-30.json.golden +++ b/integration/testdata/photon-30.json.golden @@ -72,6 +72,10 @@ }, "SeveritySource": "photon", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18276", + "DataSource": { + "Name": "Photon OS CVE metadata", + "URL": "https://packages.vmware.com/photon/photon_cve_metadata/" + }, "Title": "bash: when effective UID is not equal to its real UID the saved UID is not dropped", "Description": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.", "Severity": "HIGH", @@ -115,6 +119,10 @@ }, "SeveritySource": "photon", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5481", + "DataSource": { + "Name": "Photon OS CVE metadata", + "URL": "https://packages.vmware.com/photon/photon_cve_metadata/" + }, "Title": "curl: double free due to subsequent call of realloc()", "Description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.", "Severity": "CRITICAL", @@ -165,6 +173,10 @@ }, "SeveritySource": "photon", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5481", + "DataSource": { + "Name": "Photon OS CVE metadata", + "URL": "https://packages.vmware.com/photon/photon_cve_metadata/" + }, "Title": "curl: double free due to subsequent call of realloc()", "Description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.", "Severity": "CRITICAL", diff --git a/integration/testdata/pip.json.golden b/integration/testdata/pip.json.golden index 6728f1eb30..5b36a90c0a 100644 --- a/integration/testdata/pip.json.golden +++ b/integration/testdata/pip.json.golden @@ -28,6 +28,10 @@ "Layer": {}, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-14806", + "DataSource": { + "Name": "GitHub Security Advisory Pip", + "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" + }, "Title": "python-werkzeug: insufficient debugger PIN randomness vulnerability", "Description": "Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.", "Severity": "HIGH", @@ -68,6 +72,10 @@ "Layer": {}, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-28724", + "DataSource": { + "Name": "GitHub Security Advisory Pip", + "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" + }, "Title": "python-werkzeug: open redirect via double slash in the URL", "Description": "Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.", "Severity": "MEDIUM", diff --git a/integration/testdata/rockylinux-8.json.golden b/integration/testdata/rockylinux-8.json.golden index 31a6373284..e4a1ebb1bf 100644 --- a/integration/testdata/rockylinux-8.json.golden +++ b/integration/testdata/rockylinux-8.json.golden @@ -61,6 +61,10 @@ }, "SeveritySource": "rocky", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-3712", + "DataSource": { + "Name": "Rocky Linux updateinfo", + "URL": "https://download.rockylinux.org/pub/rocky/" + }, "Title": "openssl: Read buffer overruns processing ASN.1 strings", "Description": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", "Severity": "MEDIUM", diff --git a/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden b/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden index 4f331ac696..7b77150477 100644 --- a/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden +++ b/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden @@ -80,6 +80,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -128,6 +132,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -176,6 +184,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -224,6 +236,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", diff --git a/integration/testdata/ubuntu-1804.json.golden b/integration/testdata/ubuntu-1804.json.golden index 1877a29c4f..c9ca9e7557 100644 --- a/integration/testdata/ubuntu-1804.json.golden +++ b/integration/testdata/ubuntu-1804.json.golden @@ -79,6 +79,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-18276", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "bash: when effective UID is not equal to its real UID the saved UID is not dropped", "Description": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.", "Severity": "LOW", @@ -122,6 +126,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -170,6 +178,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -218,6 +230,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", @@ -266,6 +282,10 @@ }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2019-5094", + "DataSource": { + "Name": "Ubuntu CVE Tracker", + "URL": "https://git.launchpad.net/ubuntu-cve-tracker" + }, "Title": "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write", "Description": "An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.", "Severity": "MEDIUM", diff --git a/pkg/detector/ospkg/alma/alma.go b/pkg/detector/ospkg/alma/alma.go index d9abc9e07a..a69023ae44 100644 --- a/pkg/detector/ospkg/alma/alma.go +++ b/pkg/detector/ospkg/alma/alma.go @@ -90,6 +90,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV InstalledVersion: installed, FixedVersion: fixedVersion.String(), Layer: pkg.Layer, + DataSource: adv.DataSource, } vulns = append(vulns, vuln) } diff --git a/pkg/detector/ospkg/alma/alma_test.go b/pkg/detector/ospkg/alma/alma_test.go index 484403b523..5a2444185b 100644 --- a/pkg/detector/ospkg/alma/alma_test.go +++ b/pkg/detector/ospkg/alma/alma_test.go @@ -1,6 +1,7 @@ package alma_test import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "testing" "time" @@ -28,8 +29,11 @@ func TestScanner_Detect(t *testing.T) { wantErr string }{ { - name: "happy path", - fixtures: []string{"testdata/fixtures/alma.yaml"}, + name: "happy path", + fixtures: []string{ + "testdata/fixtures/alma.yaml", + "testdata/fixtures/data-source.yaml", + }, args: args{ osVer: "8.4", pkgs: []ftypes.Package{ @@ -56,12 +60,16 @@ func TestScanner_Detect(t *testing.T) { InstalledVersion: "3.6.8-36.el8.alma", FixedVersion: "3.6.8-37.el8.alma", Layer: ftypes.Layer{}, + DataSource: &dbTypes.DataSource{ + Name: "AlmaLinux Product Errata", + URL: "https://errata.almalinux.org/", + }, }, }, }, { name: "skip modular package", - fixtures: []string{"testdata/fixtures/modular.yaml"}, + fixtures: []string{"testdata/fixtures/modular.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "8.4", pkgs: []ftypes.Package{ @@ -85,7 +93,7 @@ func TestScanner_Detect(t *testing.T) { }, { name: "Get returns an error", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "8.4", pkgs: []ftypes.Package{ diff --git a/pkg/detector/ospkg/alma/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/alma/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..f241ed6202 --- /dev/null +++ b/pkg/detector/ospkg/alma/testdata/fixtures/data-source.yaml @@ -0,0 +1,6 @@ +- bucket: data-source + pairs: + - key: alma 8 + value: + Name: "AlmaLinux Product Errata" + URL: "https://errata.almalinux.org/" \ No newline at end of file diff --git a/pkg/detector/ospkg/alpine/alpine.go b/pkg/detector/ospkg/alpine/alpine.go index d4b39b10e2..df7d2fb752 100644 --- a/pkg/detector/ospkg/alpine/alpine.go +++ b/pkg/detector/ospkg/alpine/alpine.go @@ -112,6 +112,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV FixedVersion: adv.FixedVersion, Layer: pkg.Layer, Custom: adv.Custom, + DataSource: adv.DataSource, }) } } diff --git a/pkg/detector/ospkg/alpine/alpine_test.go b/pkg/detector/ospkg/alpine/alpine_test.go index 06f7b70134..48df59c000 100644 --- a/pkg/detector/ospkg/alpine/alpine_test.go +++ b/pkg/detector/ospkg/alpine/alpine_test.go @@ -1,6 +1,7 @@ package alpine_test import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "sort" "testing" "time" @@ -30,7 +31,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "happy path", - fixtures: []string{"testdata/fixtures/alpine.yaml"}, + fixtures: []string{"testdata/fixtures/alpine.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "3.10.2", pkgs: []ftypes.Package{ @@ -60,6 +61,10 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Alpine Secdb", + URL: "https://secdb.alpinelinux.org/", + }, }, { PkgName: "ansible", @@ -69,12 +74,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Alpine Secdb", + URL: "https://secdb.alpinelinux.org/", + }, }, }, }, { name: "contain rc", - fixtures: []string{"testdata/fixtures/alpine.yaml"}, + fixtures: []string{"testdata/fixtures/alpine.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "3.10", pkgs: []ftypes.Package{ @@ -92,12 +101,16 @@ func TestScanner_Detect(t *testing.T) { VulnerabilityID: "CVE-2020-1234", InstalledVersion: "1.6-r0", FixedVersion: "1.6-r1", + DataSource: &dbTypes.DataSource{ + Name: "Alpine Secdb", + URL: "https://secdb.alpinelinux.org/", + }, }, }, }, { name: "contain pre", - fixtures: []string{"testdata/fixtures/alpine.yaml"}, + fixtures: []string{"testdata/fixtures/alpine.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "3.10", pkgs: []ftypes.Package{ @@ -121,12 +134,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Alpine Secdb", + URL: "https://secdb.alpinelinux.org/", + }, }, }, }, { name: "Get returns an error", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "3.10.2", pkgs: []ftypes.Package{ diff --git a/pkg/detector/ospkg/alpine/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/alpine/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..68069745b1 --- /dev/null +++ b/pkg/detector/ospkg/alpine/testdata/fixtures/data-source.yaml @@ -0,0 +1,6 @@ +- bucket: data-source + pairs: + - key: alpine 3.10 + value: + Name: "Alpine Secdb" + URL: "https://secdb.alpinelinux.org/" \ No newline at end of file diff --git a/pkg/detector/ospkg/amazon/amazon.go b/pkg/detector/ospkg/amazon/amazon.go index 8a4f9c5630..f7c6ced922 100644 --- a/pkg/detector/ospkg/amazon/amazon.go +++ b/pkg/detector/ospkg/amazon/amazon.go @@ -104,6 +104,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV FixedVersion: adv.FixedVersion, Layer: pkg.Layer, Custom: adv.Custom, + DataSource: adv.DataSource, } vulns = append(vulns, vuln) } diff --git a/pkg/detector/ospkg/amazon/amazon_test.go b/pkg/detector/ospkg/amazon/amazon_test.go index 58354200f8..1685d7c4d7 100644 --- a/pkg/detector/ospkg/amazon/amazon_test.go +++ b/pkg/detector/ospkg/amazon/amazon_test.go @@ -1,6 +1,7 @@ package amazon_test import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "testing" "time" @@ -29,7 +30,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "amazon linux 1", - fixtures: []string{"testdata/fixtures/amazon.yaml"}, + fixtures: []string{"testdata/fixtures/amazon.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "1.2", pkgs: []ftypes.Package{ @@ -53,12 +54,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Amazon Linux Security Center", + URL: "https://alas.aws.amazon.com/", + }, }, }, }, { name: "amazon linux 2", - fixtures: []string{"testdata/fixtures/amazon.yaml"}, + fixtures: []string{"testdata/fixtures/amazon.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "2", pkgs: []ftypes.Package{ @@ -80,12 +85,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Amazon Linux Security Center", + URL: "https://alas.aws.amazon.com/", + }, }, }, }, { name: "empty version", - fixtures: []string{"testdata/fixtures/amazon.yaml"}, + fixtures: []string{"testdata/fixtures/amazon.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "2", pkgs: []ftypes.Package{ @@ -97,7 +106,7 @@ func TestScanner_Detect(t *testing.T) { }, { name: "Get returns an error", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "1", pkgs: []ftypes.Package{ diff --git a/pkg/detector/ospkg/amazon/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/amazon/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..fd06cc66a1 --- /dev/null +++ b/pkg/detector/ospkg/amazon/testdata/fixtures/data-source.yaml @@ -0,0 +1,10 @@ +- bucket: data-source + pairs: + - key: amazon linux 1 + value: + Name: "Amazon Linux Security Center" + URL: "https://alas.aws.amazon.com/" + - key: amazon linux 2 + value: + Name: "Amazon Linux Security Center" + URL: "https://alas.aws.amazon.com/" \ No newline at end of file diff --git a/pkg/detector/ospkg/debian/debian.go b/pkg/detector/ospkg/debian/debian.go index 2f110cbaeb..827b3d9c37 100644 --- a/pkg/detector/ospkg/debian/debian.go +++ b/pkg/detector/ospkg/debian/debian.go @@ -106,6 +106,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV FixedVersion: adv.FixedVersion, Layer: pkg.Layer, Custom: adv.Custom, + DataSource: adv.DataSource, } if adv.Severity != dbTypes.SeverityUnknown { diff --git a/pkg/detector/ospkg/debian/debian_test.go b/pkg/detector/ospkg/debian/debian_test.go index 710213e4f2..8075d48c01 100644 --- a/pkg/detector/ospkg/debian/debian_test.go +++ b/pkg/detector/ospkg/debian/debian_test.go @@ -32,7 +32,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "happy path", - fixtures: []string{"testdata/fixtures/debian.yaml"}, + fixtures: []string{"testdata/fixtures/debian.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "9.1", pkgs: []ftypes.Package{ @@ -57,6 +57,10 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Debian Security Tracker", + URL: "https://salsa.debian.org/security-tracker-team/security-tracker", + }, }, { PkgName: "htpasswd", @@ -69,12 +73,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Debian Security Tracker", + URL: "https://salsa.debian.org/security-tracker-team/security-tracker", + }, }, }, }, { name: "invalid bucket", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "9.1", pkgs: []ftypes.Package{ diff --git a/pkg/detector/ospkg/debian/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/debian/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..4f2f695c00 --- /dev/null +++ b/pkg/detector/ospkg/debian/testdata/fixtures/data-source.yaml @@ -0,0 +1,6 @@ +- bucket: data-source + pairs: + - key: debian 9 + value: + Name: "Debian Security Tracker" + URL: "https://salsa.debian.org/security-tracker-team/security-tracker" \ No newline at end of file diff --git a/pkg/detector/ospkg/oracle/oracle.go b/pkg/detector/ospkg/oracle/oracle.go index 95b61a2378..35f5aabe23 100644 --- a/pkg/detector/ospkg/oracle/oracle.go +++ b/pkg/detector/ospkg/oracle/oracle.go @@ -88,6 +88,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV InstalledVersion: installed, Layer: pkg.Layer, Custom: adv.Custom, + DataSource: adv.DataSource, } if installedVersion.LessThan(fixedVersion) { vuln.FixedVersion = adv.FixedVersion diff --git a/pkg/detector/ospkg/oracle/oracle_test.go b/pkg/detector/ospkg/oracle/oracle_test.go index e36e1dfb0a..8c4a3bc529 100644 --- a/pkg/detector/ospkg/oracle/oracle_test.go +++ b/pkg/detector/ospkg/oracle/oracle_test.go @@ -1,6 +1,7 @@ package oracle import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "testing" "time" @@ -108,7 +109,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "detected", - fixtures: []string{"testdata/fixtures/oracle7.yaml"}, + fixtures: []string{"testdata/fixtures/oracle7.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "7", pkgs: []ftypes.Package{ @@ -129,12 +130,16 @@ func TestScanner_Detect(t *testing.T) { PkgName: "curl", InstalledVersion: "7.29.0-59.0.1.el7", FixedVersion: "7.29.0-59.0.1.el7_9.1", + DataSource: &dbTypes.DataSource{ + Name: "Oracle Linux OVAL definitions", + URL: "https://linux.oracle.com/security/oval/", + }, }, }, }, { name: "without ksplice", - fixtures: []string{"testdata/fixtures/oracle7.yaml"}, + fixtures: []string{"testdata/fixtures/oracle7.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "7", pkgs: []ftypes.Package{ @@ -153,7 +158,7 @@ func TestScanner_Detect(t *testing.T) { }, { name: "the installed version has ksplice2", - fixtures: []string{"testdata/fixtures/oracle7.yaml"}, + fixtures: []string{"testdata/fixtures/oracle7.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "7", pkgs: []ftypes.Package{ @@ -174,7 +179,7 @@ func TestScanner_Detect(t *testing.T) { }, { name: "with ksplice", - fixtures: []string{"testdata/fixtures/oracle7.yaml"}, + fixtures: []string{"testdata/fixtures/oracle7.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "7", pkgs: []ftypes.Package{ @@ -197,12 +202,16 @@ func TestScanner_Detect(t *testing.T) { PkgName: "glibc", InstalledVersion: "2:2.17-156.ksplice1.el7", FixedVersion: "2:2.17-157.ksplice1.el7_3.4", + DataSource: &dbTypes.DataSource{ + Name: "Oracle Linux OVAL definitions", + URL: "https://linux.oracle.com/security/oval/", + }, }, }, }, { name: "malformed", - fixtures: []string{"testdata/fixtures/invalid-type.yaml"}, + fixtures: []string{"testdata/fixtures/invalid-type.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "7", pkgs: []ftypes.Package{ diff --git a/pkg/detector/ospkg/oracle/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/oracle/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..f1cbf42b07 --- /dev/null +++ b/pkg/detector/ospkg/oracle/testdata/fixtures/data-source.yaml @@ -0,0 +1,6 @@ +- bucket: data-source + pairs: + - key: Oracle Linux 7 + value: + Name: "Oracle Linux OVAL definitions" + URL: "https://linux.oracle.com/security/oval/" \ No newline at end of file diff --git a/pkg/detector/ospkg/photon/photon.go b/pkg/detector/ospkg/photon/photon.go index e904323296..6aa29c1155 100644 --- a/pkg/detector/ospkg/photon/photon.go +++ b/pkg/detector/ospkg/photon/photon.go @@ -81,6 +81,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV InstalledVersion: installed, Layer: pkg.Layer, Custom: adv.Custom, + DataSource: adv.DataSource, } if installedVersion.LessThan(fixedVersion) { vuln.FixedVersion = adv.FixedVersion diff --git a/pkg/detector/ospkg/photon/photon_test.go b/pkg/detector/ospkg/photon/photon_test.go index d6244207e4..b8a04b873c 100644 --- a/pkg/detector/ospkg/photon/photon_test.go +++ b/pkg/detector/ospkg/photon/photon_test.go @@ -1,6 +1,7 @@ package photon_test import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "testing" "time" @@ -29,7 +30,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "happy path", - fixtures: []string{"testdata/fixtures/photon.yaml"}, + fixtures: []string{"testdata/fixtures/photon.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "1.0", pkgs: []ftypes.Package{ @@ -55,12 +56,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Photon OS CVE metadata", + URL: "https://packages.vmware.com/photon/photon_cve_metadata/", + }, }, }, }, { name: "invalid bucket", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "1.0", pkgs: []ftypes.Package{ diff --git a/pkg/detector/ospkg/photon/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/photon/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..0e7f384b6b --- /dev/null +++ b/pkg/detector/ospkg/photon/testdata/fixtures/data-source.yaml @@ -0,0 +1,6 @@ +- bucket: data-source + pairs: + - key: Photon OS 1.0 + value: + Name: "Photon OS CVE metadata" + URL: "https://packages.vmware.com/photon/photon_cve_metadata/" \ No newline at end of file diff --git a/pkg/detector/ospkg/rocky/rocky.go b/pkg/detector/ospkg/rocky/rocky.go index 86a3cd10b6..ba16d0fe18 100644 --- a/pkg/detector/ospkg/rocky/rocky.go +++ b/pkg/detector/ospkg/rocky/rocky.go @@ -90,6 +90,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV InstalledVersion: installed, FixedVersion: fixedVersion.String(), Layer: pkg.Layer, + DataSource: adv.DataSource, } vulns = append(vulns, vuln) } diff --git a/pkg/detector/ospkg/rocky/rocky_test.go b/pkg/detector/ospkg/rocky/rocky_test.go index 81fd207112..4ab27c9654 100644 --- a/pkg/detector/ospkg/rocky/rocky_test.go +++ b/pkg/detector/ospkg/rocky/rocky_test.go @@ -1,6 +1,7 @@ package rocky_test import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "testing" "time" @@ -29,7 +30,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "happy path", - fixtures: []string{"testdata/fixtures/rocky.yaml"}, + fixtures: []string{"testdata/fixtures/rocky.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "8.5", pkgs: []ftypes.Package{ @@ -56,12 +57,16 @@ func TestScanner_Detect(t *testing.T) { InstalledVersion: "4.18.0-348.el8.0.3", FixedVersion: "4.18.0-348.2.1.el8_5", Layer: ftypes.Layer{}, + DataSource: &dbTypes.DataSource{ + Name: "Rocky Linux updateinfo", + URL: "https://download.rockylinux.org/pub/rocky/", + }, }, }, }, { name: "skip modular package", - fixtures: []string{"testdata/fixtures/modular.yaml"}, + fixtures: []string{"testdata/fixtures/modular.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "8.5", pkgs: []ftypes.Package{ @@ -85,7 +90,7 @@ func TestScanner_Detect(t *testing.T) { }, { name: "Get returns an error", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "8.5", pkgs: []ftypes.Package{ diff --git a/pkg/detector/ospkg/rocky/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/rocky/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..fd3f6c3ecd --- /dev/null +++ b/pkg/detector/ospkg/rocky/testdata/fixtures/data-source.yaml @@ -0,0 +1,6 @@ +- bucket: data-source + pairs: + - key: rocky 8 + value: + Name: "Rocky Linux updateinfo" + URL: "https://download.rockylinux.org/pub/rocky/" \ No newline at end of file diff --git a/pkg/detector/ospkg/suse/suse.go b/pkg/detector/ospkg/suse/suse.go index cc5b84e1d9..a228d31f76 100644 --- a/pkg/detector/ospkg/suse/suse.go +++ b/pkg/detector/ospkg/suse/suse.go @@ -132,6 +132,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV InstalledVersion: installed, Layer: pkg.Layer, Custom: adv.Custom, + DataSource: adv.DataSource, } if installedVersion.LessThan(fixedVersion) { vuln.FixedVersion = adv.FixedVersion diff --git a/pkg/detector/ospkg/suse/suse_test.go b/pkg/detector/ospkg/suse/suse_test.go index a8e825965d..ce4d521c69 100644 --- a/pkg/detector/ospkg/suse/suse_test.go +++ b/pkg/detector/ospkg/suse/suse_test.go @@ -1,6 +1,7 @@ package suse_test import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "testing" "time" @@ -30,7 +31,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "happy path", - fixtures: []string{"testdata/fixtures/suse.yaml"}, + fixtures: []string{"testdata/fixtures/suse.yaml", "testdata/fixtures/data-source.yaml"}, distribution: suse.OpenSUSE, args: args{ osVer: "15.3", @@ -57,12 +58,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "SUSE CVRF", + URL: "https://ftp.suse.com/pub/projects/security/cvrf/", + }, }, }, }, { name: "broken bucket", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, distribution: suse.SUSEEnterpriseLinux, args: args{ osVer: "15.3", diff --git a/pkg/detector/ospkg/suse/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/suse/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..21e08b7b3b --- /dev/null +++ b/pkg/detector/ospkg/suse/testdata/fixtures/data-source.yaml @@ -0,0 +1,10 @@ +- bucket: data-source + pairs: + - key: openSUSE Leap 15.3 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" + - key: SUSE Linux Enterprise 15.3 + value: + Name: "SUSE CVRF" + URL: "https://ftp.suse.com/pub/projects/security/cvrf/" \ No newline at end of file diff --git a/pkg/detector/ospkg/ubuntu/testdata/fixtures/data-source.yaml b/pkg/detector/ospkg/ubuntu/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..a22273cb35 --- /dev/null +++ b/pkg/detector/ospkg/ubuntu/testdata/fixtures/data-source.yaml @@ -0,0 +1,10 @@ +- bucket: data-source + pairs: + - key: ubuntu 20.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" + - key: ubuntu 21.04 + value: + Name: "Ubuntu CVE Tracker" + URL: "https://git.launchpad.net/ubuntu-cve-tracker" \ No newline at end of file diff --git a/pkg/detector/ospkg/ubuntu/ubuntu.go b/pkg/detector/ospkg/ubuntu/ubuntu.go index 0ff8ff6cf1..db6418adef 100644 --- a/pkg/detector/ospkg/ubuntu/ubuntu.go +++ b/pkg/detector/ospkg/ubuntu/ubuntu.go @@ -115,6 +115,7 @@ func (s *Scanner) Detect(osVer string, pkgs []ftypes.Package) ([]types.DetectedV FixedVersion: adv.FixedVersion, Layer: pkg.Layer, Custom: adv.Custom, + DataSource: adv.DataSource, } if adv.FixedVersion == "" { diff --git a/pkg/detector/ospkg/ubuntu/ubuntu_test.go b/pkg/detector/ospkg/ubuntu/ubuntu_test.go index a63acf989c..59c900afa2 100644 --- a/pkg/detector/ospkg/ubuntu/ubuntu_test.go +++ b/pkg/detector/ospkg/ubuntu/ubuntu_test.go @@ -1,6 +1,7 @@ package ubuntu_test import ( + dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "sort" "testing" "time" @@ -30,7 +31,7 @@ func TestScanner_Detect(t *testing.T) { }{ { name: "happy path", - fixtures: []string{"testdata/fixtures/ubuntu.yaml"}, + fixtures: []string{"testdata/fixtures/ubuntu.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "20.04", pkgs: []ftypes.Package{ @@ -54,6 +55,10 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Ubuntu CVE Tracker", + URL: "https://git.launchpad.net/ubuntu-cve-tracker", + }, }, { PkgName: "wpa", @@ -63,12 +68,16 @@ func TestScanner_Detect(t *testing.T) { Layer: ftypes.Layer{ DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", }, + DataSource: &dbTypes.DataSource{ + Name: "Ubuntu CVE Tracker", + URL: "https://git.launchpad.net/ubuntu-cve-tracker", + }, }, }, }, { name: "broken bucket", - fixtures: []string{"testdata/fixtures/invalid.yaml"}, + fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ osVer: "21.04", pkgs: []ftypes.Package{ diff --git a/pkg/rpc/convert.go b/pkg/rpc/convert.go index a5378dbbeb..78c370d7c7 100644 --- a/pkg/rpc/convert.go +++ b/pkg/rpc/convert.go @@ -140,6 +140,7 @@ func ConvertToRPCVulns(vulns []types.DetectedVulnerability) []*common.Vulnerabil PublishedDate: publishedDate, CustomAdvisoryData: customAdvisoryData, CustomVulnData: customVulnData, + DataSource: ConvertToRPCDataSource(vuln.DataSource), }) } return rpcVulns @@ -180,6 +181,17 @@ func ConvertToRPCLayer(layer ftypes.Layer) *common.Layer { } } +// ConvertToRPCDataSource returns common.DataSource +func ConvertToRPCDataSource(ds *dbTypes.DataSource) *common.DataSource { + if ds == nil { + return nil + } + return &common.DataSource{ + Name: ds.Name, + Url: ds.URL, + } +} + // ConvertFromRPCResults converts scanner.Result to report.Result func ConvertFromRPCResults(rpcResults []*scanner.Result) []report.Result { var results []report.Result @@ -242,6 +254,7 @@ func ConvertFromRPCVulns(rpcVulns []*common.Vulnerability) []types.DetectedVulne SeveritySource: vuln.SeveritySource, PrimaryURL: vuln.PrimaryUrl, Custom: vuln.CustomAdvisoryData.AsInterface(), + DataSource: ConvertFromRPCDataSource(vuln.DataSource), }) } return vulns @@ -292,6 +305,17 @@ func ConvertFromRPCOS(rpcOS *common.OS) *ftypes.OS { } } +// ConvertFromRPCDataSource converts *common.DataSource to *dbTypes.DataSource +func ConvertFromRPCDataSource(ds *common.DataSource) *dbTypes.DataSource { + if ds == nil { + return nil + } + return &dbTypes.DataSource{ + Name: ds.Name, + URL: ds.Url, + } +} + // ConvertFromRPCPackageInfos converts common.PackageInfo to fanal.PackageInfo func ConvertFromRPCPackageInfos(rpcPkgInfos []*common.PackageInfo) []ftypes.PackageInfo { var pkgInfos []ftypes.PackageInfo diff --git a/pkg/rpc/convert_test.go b/pkg/rpc/convert_test.go index 69acfd8e6d..b853c62621 100644 --- a/pkg/rpc/convert_test.go +++ b/pkg/rpc/convert_test.go @@ -238,6 +238,10 @@ func TestConvertToRpcVulns(t *testing.T) { DiffID: "sha256:b2a1a2d80bf0c747a4f6b0ca6af5eef23f043fcdb1ed4f3a3e750aef2dc68079", }, PrimaryURL: "https://avd.aquasec.com/nvd/CVE-2019-0001", + DataSource: &dbTypes.DataSource{ + Name: "GitHub Security Advisory Maven", + URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Amaven", + }, }, }, }, @@ -266,6 +270,10 @@ func TestConvertToRpcVulns(t *testing.T) { PrimaryUrl: "https://avd.aquasec.com/nvd/CVE-2019-0001", PublishedDate: timestamppb.New(fixedPublishedDate), LastModifiedDate: timestamppb.New(fixedLastModifiedDate), + DataSource: &common.DataSource{ + Name: "GitHub Security Advisory Maven", + Url: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Amaven", + }, }, }, }, @@ -288,6 +296,10 @@ func TestConvertToRpcVulns(t *testing.T) { Digest: "sha256:154ad0735c360b212b167f424d33a62305770a1fcfb6363882f5c436cfbd9812", DiffID: "sha256:b2a1a2d80bf0c747a4f6b0ca6af5eef23f043fcdb1ed4f3a3e750aef2dc68079", }, + DataSource: &dbTypes.DataSource{ + Name: "GitHub Security Advisory Maven", + URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Amaven", + }, }, }, }, @@ -306,6 +318,10 @@ func TestConvertToRpcVulns(t *testing.T) { Digest: "sha256:154ad0735c360b212b167f424d33a62305770a1fcfb6363882f5c436cfbd9812", DiffId: "sha256:b2a1a2d80bf0c747a4f6b0ca6af5eef23f043fcdb1ed4f3a3e750aef2dc68079", }, + DataSource: &common.DataSource{ + Name: "GitHub Security Advisory Maven", + Url: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Amaven", + }, }, }, }, @@ -363,6 +379,10 @@ func TestConvertFromRPCResults(t *testing.T) { PrimaryUrl: "https://avd.aquasec.com/nvd/CVE-2019-0001", PublishedDate: timestamppb.New(fixedPublishedDate), LastModifiedDate: timestamppb.New(fixedLastModifiedDate), + DataSource: &common.DataSource{ + Name: "GitHub Security Advisory Maven", + Url: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Amaven", + }, }, }, }}, @@ -401,6 +421,10 @@ func TestConvertFromRPCResults(t *testing.T) { PublishedDate: &fixedPublishedDate, LastModifiedDate: &fixedLastModifiedDate, }, + DataSource: &dbTypes.DataSource{ + Name: "GitHub Security Advisory Maven", + URL: "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Amaven", + }, }, }, }, diff --git a/pkg/rpc/server/server_test.go b/pkg/rpc/server/server_test.go index b6707e8020..1e6e81122a 100644 --- a/pkg/rpc/server/server_test.go +++ b/pkg/rpc/server/server_test.go @@ -47,7 +47,7 @@ func TestScanServer_Scan(t *testing.T) { }{ { name: "happy path", - fixtures: []string{"testdata/fixtures/vulnerability.yaml"}, + fixtures: []string{"testdata/fixtures/vulnerability.yaml", "testdata/fixtures/data-source.yaml"}, args: args{ in: &rpcScanner.ScanRequest{ Target: "alpine:3.11", @@ -76,6 +76,10 @@ func TestScanServer_Scan(t *testing.T) { LastModifiedDate: utils.MustTimeParse("2020-01-01T01:01:00Z"), PublishedDate: utils.MustTimeParse("2001-01-01T01:01:00Z"), }, + DataSource: &dbTypes.DataSource{ + Name: "DOS vulnerabilities", + URL: "https://vuld-db-example.com/", + }, }, }, Type: "alpine", @@ -117,6 +121,10 @@ func TestScanServer_Scan(t *testing.T) { PublishedDate: ×tamp.Timestamp{ Seconds: 978310860, }, + DataSource: &common.DataSource{ + Name: "DOS vulnerabilities", + Url: "https://vuld-db-example.com/", + }, }, }, Type: "alpine", diff --git a/pkg/rpc/server/testdata/fixtures/data-source.yaml b/pkg/rpc/server/testdata/fixtures/data-source.yaml new file mode 100644 index 0000000000..639b1662e0 --- /dev/null +++ b/pkg/rpc/server/testdata/fixtures/data-source.yaml @@ -0,0 +1,6 @@ +- bucket: data-source + pairs: + - key: vulnerability + value: + Name: "DOS vulnerabilities" + URL: "https://vuld-db-example.com/" diff --git a/rpc/common/service.pb.go b/rpc/common/service.pb.go index 8300158015..a5695acb4a 100644 --- a/rpc/common/service.pb.go +++ b/rpc/common/service.pb.go @@ -1,26 +1,26 @@ // Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.27.1 -// protoc v3.19.1 // source: rpc/common/service.proto package common import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" + fmt "fmt" + proto "github.com/golang/protobuf/proto" structpb "google.golang.org/protobuf/types/known/structpb" timestamppb "google.golang.org/protobuf/types/known/timestamppb" - reflect "reflect" - sync "sync" + math "math" ) -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package type Severity int32 @@ -32,237 +32,188 @@ const ( Severity_CRITICAL Severity = 4 ) -// Enum value maps for Severity. -var ( - Severity_name = map[int32]string{ - 0: "UNKNOWN", - 1: "LOW", - 2: "MEDIUM", - 3: "HIGH", - 4: "CRITICAL", - } - Severity_value = map[string]int32{ - "UNKNOWN": 0, - "LOW": 1, - "MEDIUM": 2, - "HIGH": 3, - "CRITICAL": 4, - } -) +var Severity_name = map[int32]string{ + 0: "UNKNOWN", + 1: "LOW", + 2: "MEDIUM", + 3: "HIGH", + 4: "CRITICAL", +} -func (x Severity) Enum() *Severity { - p := new(Severity) - *p = x - return p +var Severity_value = map[string]int32{ + "UNKNOWN": 0, + "LOW": 1, + "MEDIUM": 2, + "HIGH": 3, + "CRITICAL": 4, } func (x Severity) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) + return proto.EnumName(Severity_name, int32(x)) } -func (Severity) Descriptor() protoreflect.EnumDescriptor { - return file_rpc_common_service_proto_enumTypes[0].Descriptor() -} - -func (Severity) Type() protoreflect.EnumType { - return &file_rpc_common_service_proto_enumTypes[0] -} - -func (x Severity) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use Severity.Descriptor instead. func (Severity) EnumDescriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{0} + return fileDescriptor_6e749acacaaabfff, []int{0} } type OS struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Family string `protobuf:"bytes,1,opt,name=family,proto3" json:"family,omitempty"` - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - Eosl bool `protobuf:"varint,3,opt,name=eosl,proto3" json:"eosl,omitempty"` + Family string `protobuf:"bytes,1,opt,name=family,proto3" json:"family,omitempty"` + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + Eosl bool `protobuf:"varint,3,opt,name=eosl,proto3" json:"eosl,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *OS) Reset() { - *x = OS{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *OS) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*OS) ProtoMessage() {} - -func (x *OS) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use OS.ProtoReflect.Descriptor instead. +func (m *OS) Reset() { *m = OS{} } +func (m *OS) String() string { return proto.CompactTextString(m) } +func (*OS) ProtoMessage() {} func (*OS) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{0} + return fileDescriptor_6e749acacaaabfff, []int{0} } -func (x *OS) GetFamily() string { - if x != nil { - return x.Family +func (m *OS) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_OS.Unmarshal(m, b) +} +func (m *OS) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_OS.Marshal(b, m, deterministic) +} +func (m *OS) XXX_Merge(src proto.Message) { + xxx_messageInfo_OS.Merge(m, src) +} +func (m *OS) XXX_Size() int { + return xxx_messageInfo_OS.Size(m) +} +func (m *OS) XXX_DiscardUnknown() { + xxx_messageInfo_OS.DiscardUnknown(m) +} + +var xxx_messageInfo_OS proto.InternalMessageInfo + +func (m *OS) GetFamily() string { + if m != nil { + return m.Family } return "" } -func (x *OS) GetName() string { - if x != nil { - return x.Name +func (m *OS) GetName() string { + if m != nil { + return m.Name } return "" } -func (x *OS) GetEosl() bool { - if x != nil { - return x.Eosl +func (m *OS) GetEosl() bool { + if m != nil { + return m.Eosl } return false } type PackageInfo struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - FilePath string `protobuf:"bytes,1,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` - Packages []*Package `protobuf:"bytes,2,rep,name=packages,proto3" json:"packages,omitempty"` + FilePath string `protobuf:"bytes,1,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` + Packages []*Package `protobuf:"bytes,2,rep,name=packages,proto3" json:"packages,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *PackageInfo) Reset() { - *x = PackageInfo{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *PackageInfo) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*PackageInfo) ProtoMessage() {} - -func (x *PackageInfo) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use PackageInfo.ProtoReflect.Descriptor instead. +func (m *PackageInfo) Reset() { *m = PackageInfo{} } +func (m *PackageInfo) String() string { return proto.CompactTextString(m) } +func (*PackageInfo) ProtoMessage() {} func (*PackageInfo) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{1} + return fileDescriptor_6e749acacaaabfff, []int{1} } -func (x *PackageInfo) GetFilePath() string { - if x != nil { - return x.FilePath +func (m *PackageInfo) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_PackageInfo.Unmarshal(m, b) +} +func (m *PackageInfo) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_PackageInfo.Marshal(b, m, deterministic) +} +func (m *PackageInfo) XXX_Merge(src proto.Message) { + xxx_messageInfo_PackageInfo.Merge(m, src) +} +func (m *PackageInfo) XXX_Size() int { + return xxx_messageInfo_PackageInfo.Size(m) +} +func (m *PackageInfo) XXX_DiscardUnknown() { + xxx_messageInfo_PackageInfo.DiscardUnknown(m) +} + +var xxx_messageInfo_PackageInfo proto.InternalMessageInfo + +func (m *PackageInfo) GetFilePath() string { + if m != nil { + return m.FilePath } return "" } -func (x *PackageInfo) GetPackages() []*Package { - if x != nil { - return x.Packages +func (m *PackageInfo) GetPackages() []*Package { + if m != nil { + return m.Packages } return nil } type Application struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` - FilePath string `protobuf:"bytes,2,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` - Libraries []*Library `protobuf:"bytes,3,rep,name=libraries,proto3" json:"libraries,omitempty"` + Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` + FilePath string `protobuf:"bytes,2,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` + Libraries []*Library `protobuf:"bytes,3,rep,name=libraries,proto3" json:"libraries,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *Application) Reset() { - *x = Application{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Application) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Application) ProtoMessage() {} - -func (x *Application) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Application.ProtoReflect.Descriptor instead. +func (m *Application) Reset() { *m = Application{} } +func (m *Application) String() string { return proto.CompactTextString(m) } +func (*Application) ProtoMessage() {} func (*Application) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{2} + return fileDescriptor_6e749acacaaabfff, []int{2} } -func (x *Application) GetType() string { - if x != nil { - return x.Type +func (m *Application) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Application.Unmarshal(m, b) +} +func (m *Application) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Application.Marshal(b, m, deterministic) +} +func (m *Application) XXX_Merge(src proto.Message) { + xxx_messageInfo_Application.Merge(m, src) +} +func (m *Application) XXX_Size() int { + return xxx_messageInfo_Application.Size(m) +} +func (m *Application) XXX_DiscardUnknown() { + xxx_messageInfo_Application.DiscardUnknown(m) +} + +var xxx_messageInfo_Application proto.InternalMessageInfo + +func (m *Application) GetType() string { + if m != nil { + return m.Type } return "" } -func (x *Application) GetFilePath() string { - if x != nil { - return x.FilePath +func (m *Application) GetFilePath() string { + if m != nil { + return m.FilePath } return "" } -func (x *Application) GetLibraries() []*Library { - if x != nil { - return x.Libraries +func (m *Application) GetLibraries() []*Library { + if m != nil { + return m.Libraries } return nil } type Package struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - // binary package // e.g. bind-utils Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` @@ -272,1200 +223,897 @@ type Package struct { Arch string `protobuf:"bytes,5,opt,name=arch,proto3" json:"arch,omitempty"` // src package containing some binary packages // e.g. bind - SrcName string `protobuf:"bytes,6,opt,name=src_name,json=srcName,proto3" json:"src_name,omitempty"` - SrcVersion string `protobuf:"bytes,7,opt,name=src_version,json=srcVersion,proto3" json:"src_version,omitempty"` - SrcRelease string `protobuf:"bytes,8,opt,name=src_release,json=srcRelease,proto3" json:"src_release,omitempty"` - SrcEpoch int32 `protobuf:"varint,9,opt,name=src_epoch,json=srcEpoch,proto3" json:"src_epoch,omitempty"` - License string `protobuf:"bytes,10,opt,name=license,proto3" json:"license,omitempty"` - Layer *Layer `protobuf:"bytes,11,opt,name=layer,proto3" json:"layer,omitempty"` + SrcName string `protobuf:"bytes,6,opt,name=src_name,json=srcName,proto3" json:"src_name,omitempty"` + SrcVersion string `protobuf:"bytes,7,opt,name=src_version,json=srcVersion,proto3" json:"src_version,omitempty"` + SrcRelease string `protobuf:"bytes,8,opt,name=src_release,json=srcRelease,proto3" json:"src_release,omitempty"` + SrcEpoch int32 `protobuf:"varint,9,opt,name=src_epoch,json=srcEpoch,proto3" json:"src_epoch,omitempty"` + License string `protobuf:"bytes,10,opt,name=license,proto3" json:"license,omitempty"` + Layer *Layer `protobuf:"bytes,11,opt,name=layer,proto3" json:"layer,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *Package) Reset() { - *x = Package{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Package) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Package) ProtoMessage() {} - -func (x *Package) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Package.ProtoReflect.Descriptor instead. +func (m *Package) Reset() { *m = Package{} } +func (m *Package) String() string { return proto.CompactTextString(m) } +func (*Package) ProtoMessage() {} func (*Package) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{3} + return fileDescriptor_6e749acacaaabfff, []int{3} } -func (x *Package) GetName() string { - if x != nil { - return x.Name +func (m *Package) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Package.Unmarshal(m, b) +} +func (m *Package) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Package.Marshal(b, m, deterministic) +} +func (m *Package) XXX_Merge(src proto.Message) { + xxx_messageInfo_Package.Merge(m, src) +} +func (m *Package) XXX_Size() int { + return xxx_messageInfo_Package.Size(m) +} +func (m *Package) XXX_DiscardUnknown() { + xxx_messageInfo_Package.DiscardUnknown(m) +} + +var xxx_messageInfo_Package proto.InternalMessageInfo + +func (m *Package) GetName() string { + if m != nil { + return m.Name } return "" } -func (x *Package) GetVersion() string { - if x != nil { - return x.Version +func (m *Package) GetVersion() string { + if m != nil { + return m.Version } return "" } -func (x *Package) GetRelease() string { - if x != nil { - return x.Release +func (m *Package) GetRelease() string { + if m != nil { + return m.Release } return "" } -func (x *Package) GetEpoch() int32 { - if x != nil { - return x.Epoch +func (m *Package) GetEpoch() int32 { + if m != nil { + return m.Epoch } return 0 } -func (x *Package) GetArch() string { - if x != nil { - return x.Arch +func (m *Package) GetArch() string { + if m != nil { + return m.Arch } return "" } -func (x *Package) GetSrcName() string { - if x != nil { - return x.SrcName +func (m *Package) GetSrcName() string { + if m != nil { + return m.SrcName } return "" } -func (x *Package) GetSrcVersion() string { - if x != nil { - return x.SrcVersion +func (m *Package) GetSrcVersion() string { + if m != nil { + return m.SrcVersion } return "" } -func (x *Package) GetSrcRelease() string { - if x != nil { - return x.SrcRelease +func (m *Package) GetSrcRelease() string { + if m != nil { + return m.SrcRelease } return "" } -func (x *Package) GetSrcEpoch() int32 { - if x != nil { - return x.SrcEpoch +func (m *Package) GetSrcEpoch() int32 { + if m != nil { + return m.SrcEpoch } return 0 } -func (x *Package) GetLicense() string { - if x != nil { - return x.License +func (m *Package) GetLicense() string { + if m != nil { + return m.License } return "" } -func (x *Package) GetLayer() *Layer { - if x != nil { - return x.Layer +func (m *Package) GetLayer() *Layer { + if m != nil { + return m.Layer } return nil } type Library struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Version string `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"` - License string `protobuf:"bytes,3,opt,name=license,proto3" json:"license,omitempty"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Version string `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"` + License string `protobuf:"bytes,3,opt,name=license,proto3" json:"license,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *Library) Reset() { - *x = Library{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[4] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Library) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Library) ProtoMessage() {} - -func (x *Library) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[4] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Library.ProtoReflect.Descriptor instead. +func (m *Library) Reset() { *m = Library{} } +func (m *Library) String() string { return proto.CompactTextString(m) } +func (*Library) ProtoMessage() {} func (*Library) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{4} + return fileDescriptor_6e749acacaaabfff, []int{4} } -func (x *Library) GetName() string { - if x != nil { - return x.Name +func (m *Library) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Library.Unmarshal(m, b) +} +func (m *Library) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Library.Marshal(b, m, deterministic) +} +func (m *Library) XXX_Merge(src proto.Message) { + xxx_messageInfo_Library.Merge(m, src) +} +func (m *Library) XXX_Size() int { + return xxx_messageInfo_Library.Size(m) +} +func (m *Library) XXX_DiscardUnknown() { + xxx_messageInfo_Library.DiscardUnknown(m) +} + +var xxx_messageInfo_Library proto.InternalMessageInfo + +func (m *Library) GetName() string { + if m != nil { + return m.Name } return "" } -func (x *Library) GetVersion() string { - if x != nil { - return x.Version +func (m *Library) GetVersion() string { + if m != nil { + return m.Version } return "" } -func (x *Library) GetLicense() string { - if x != nil { - return x.License +func (m *Library) GetLicense() string { + if m != nil { + return m.License } return "" } type Misconfiguration struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - FileType string `protobuf:"bytes,1,opt,name=file_type,json=fileType,proto3" json:"file_type,omitempty"` - FilePath string `protobuf:"bytes,2,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` - Successes []*MisconfResult `protobuf:"bytes,3,rep,name=successes,proto3" json:"successes,omitempty"` - Warnings []*MisconfResult `protobuf:"bytes,4,rep,name=warnings,proto3" json:"warnings,omitempty"` - Failures []*MisconfResult `protobuf:"bytes,5,rep,name=failures,proto3" json:"failures,omitempty"` - Exceptions []*MisconfResult `protobuf:"bytes,6,rep,name=exceptions,proto3" json:"exceptions,omitempty"` + FileType string `protobuf:"bytes,1,opt,name=file_type,json=fileType,proto3" json:"file_type,omitempty"` + FilePath string `protobuf:"bytes,2,opt,name=file_path,json=filePath,proto3" json:"file_path,omitempty"` + Successes []*MisconfResult `protobuf:"bytes,3,rep,name=successes,proto3" json:"successes,omitempty"` + Warnings []*MisconfResult `protobuf:"bytes,4,rep,name=warnings,proto3" json:"warnings,omitempty"` + Failures []*MisconfResult `protobuf:"bytes,5,rep,name=failures,proto3" json:"failures,omitempty"` + Exceptions []*MisconfResult `protobuf:"bytes,6,rep,name=exceptions,proto3" json:"exceptions,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *Misconfiguration) Reset() { - *x = Misconfiguration{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[5] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Misconfiguration) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Misconfiguration) ProtoMessage() {} - -func (x *Misconfiguration) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[5] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Misconfiguration.ProtoReflect.Descriptor instead. +func (m *Misconfiguration) Reset() { *m = Misconfiguration{} } +func (m *Misconfiguration) String() string { return proto.CompactTextString(m) } +func (*Misconfiguration) ProtoMessage() {} func (*Misconfiguration) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{5} + return fileDescriptor_6e749acacaaabfff, []int{5} } -func (x *Misconfiguration) GetFileType() string { - if x != nil { - return x.FileType +func (m *Misconfiguration) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Misconfiguration.Unmarshal(m, b) +} +func (m *Misconfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Misconfiguration.Marshal(b, m, deterministic) +} +func (m *Misconfiguration) XXX_Merge(src proto.Message) { + xxx_messageInfo_Misconfiguration.Merge(m, src) +} +func (m *Misconfiguration) XXX_Size() int { + return xxx_messageInfo_Misconfiguration.Size(m) +} +func (m *Misconfiguration) XXX_DiscardUnknown() { + xxx_messageInfo_Misconfiguration.DiscardUnknown(m) +} + +var xxx_messageInfo_Misconfiguration proto.InternalMessageInfo + +func (m *Misconfiguration) GetFileType() string { + if m != nil { + return m.FileType } return "" } -func (x *Misconfiguration) GetFilePath() string { - if x != nil { - return x.FilePath +func (m *Misconfiguration) GetFilePath() string { + if m != nil { + return m.FilePath } return "" } -func (x *Misconfiguration) GetSuccesses() []*MisconfResult { - if x != nil { - return x.Successes +func (m *Misconfiguration) GetSuccesses() []*MisconfResult { + if m != nil { + return m.Successes } return nil } -func (x *Misconfiguration) GetWarnings() []*MisconfResult { - if x != nil { - return x.Warnings +func (m *Misconfiguration) GetWarnings() []*MisconfResult { + if m != nil { + return m.Warnings } return nil } -func (x *Misconfiguration) GetFailures() []*MisconfResult { - if x != nil { - return x.Failures +func (m *Misconfiguration) GetFailures() []*MisconfResult { + if m != nil { + return m.Failures } return nil } -func (x *Misconfiguration) GetExceptions() []*MisconfResult { - if x != nil { - return x.Exceptions +func (m *Misconfiguration) GetExceptions() []*MisconfResult { + if m != nil { + return m.Exceptions } return nil } type MisconfResult struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Namespace string `protobuf:"bytes,1,opt,name=namespace,proto3" json:"namespace,omitempty"` - Message string `protobuf:"bytes,2,opt,name=message,proto3" json:"message,omitempty"` - Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty"` - Id string `protobuf:"bytes,4,opt,name=id,proto3" json:"id,omitempty"` - Title string `protobuf:"bytes,5,opt,name=title,proto3" json:"title,omitempty"` - Severity string `protobuf:"bytes,6,opt,name=severity,proto3" json:"severity,omitempty"` + Namespace string `protobuf:"bytes,1,opt,name=namespace,proto3" json:"namespace,omitempty"` + Message string `protobuf:"bytes,2,opt,name=message,proto3" json:"message,omitempty"` + Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty"` + Id string `protobuf:"bytes,4,opt,name=id,proto3" json:"id,omitempty"` + Title string `protobuf:"bytes,5,opt,name=title,proto3" json:"title,omitempty"` + Severity string `protobuf:"bytes,6,opt,name=severity,proto3" json:"severity,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *MisconfResult) Reset() { - *x = MisconfResult{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[6] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *MisconfResult) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*MisconfResult) ProtoMessage() {} - -func (x *MisconfResult) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[6] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use MisconfResult.ProtoReflect.Descriptor instead. +func (m *MisconfResult) Reset() { *m = MisconfResult{} } +func (m *MisconfResult) String() string { return proto.CompactTextString(m) } +func (*MisconfResult) ProtoMessage() {} func (*MisconfResult) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{6} + return fileDescriptor_6e749acacaaabfff, []int{6} } -func (x *MisconfResult) GetNamespace() string { - if x != nil { - return x.Namespace +func (m *MisconfResult) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_MisconfResult.Unmarshal(m, b) +} +func (m *MisconfResult) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_MisconfResult.Marshal(b, m, deterministic) +} +func (m *MisconfResult) XXX_Merge(src proto.Message) { + xxx_messageInfo_MisconfResult.Merge(m, src) +} +func (m *MisconfResult) XXX_Size() int { + return xxx_messageInfo_MisconfResult.Size(m) +} +func (m *MisconfResult) XXX_DiscardUnknown() { + xxx_messageInfo_MisconfResult.DiscardUnknown(m) +} + +var xxx_messageInfo_MisconfResult proto.InternalMessageInfo + +func (m *MisconfResult) GetNamespace() string { + if m != nil { + return m.Namespace } return "" } -func (x *MisconfResult) GetMessage() string { - if x != nil { - return x.Message +func (m *MisconfResult) GetMessage() string { + if m != nil { + return m.Message } return "" } -func (x *MisconfResult) GetType() string { - if x != nil { - return x.Type +func (m *MisconfResult) GetType() string { + if m != nil { + return m.Type } return "" } -func (x *MisconfResult) GetId() string { - if x != nil { - return x.Id +func (m *MisconfResult) GetId() string { + if m != nil { + return m.Id } return "" } -func (x *MisconfResult) GetTitle() string { - if x != nil { - return x.Title +func (m *MisconfResult) GetTitle() string { + if m != nil { + return m.Title } return "" } -func (x *MisconfResult) GetSeverity() string { - if x != nil { - return x.Severity +func (m *MisconfResult) GetSeverity() string { + if m != nil { + return m.Severity } return "" } type DetectedMisconfiguration struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` - Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` - Title string `protobuf:"bytes,3,opt,name=title,proto3" json:"title,omitempty"` - Description string `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"` - Message string `protobuf:"bytes,5,opt,name=message,proto3" json:"message,omitempty"` - Namespace string `protobuf:"bytes,6,opt,name=namespace,proto3" json:"namespace,omitempty"` - Resolution string `protobuf:"bytes,7,opt,name=resolution,proto3" json:"resolution,omitempty"` - Severity Severity `protobuf:"varint,8,opt,name=severity,proto3,enum=trivy.common.Severity" json:"severity,omitempty"` - PrimaryUrl string `protobuf:"bytes,9,opt,name=primary_url,json=primaryUrl,proto3" json:"primary_url,omitempty"` - References []string `protobuf:"bytes,10,rep,name=references,proto3" json:"references,omitempty"` - Status string `protobuf:"bytes,11,opt,name=status,proto3" json:"status,omitempty"` - Layer *Layer `protobuf:"bytes,12,opt,name=layer,proto3" json:"layer,omitempty"` + Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` + Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` + Title string `protobuf:"bytes,3,opt,name=title,proto3" json:"title,omitempty"` + Description string `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"` + Message string `protobuf:"bytes,5,opt,name=message,proto3" json:"message,omitempty"` + Namespace string `protobuf:"bytes,6,opt,name=namespace,proto3" json:"namespace,omitempty"` + Resolution string `protobuf:"bytes,7,opt,name=resolution,proto3" json:"resolution,omitempty"` + Severity Severity `protobuf:"varint,8,opt,name=severity,proto3,enum=trivy.common.Severity" json:"severity,omitempty"` + PrimaryUrl string `protobuf:"bytes,9,opt,name=primary_url,json=primaryUrl,proto3" json:"primary_url,omitempty"` + References []string `protobuf:"bytes,10,rep,name=references,proto3" json:"references,omitempty"` + Status string `protobuf:"bytes,11,opt,name=status,proto3" json:"status,omitempty"` + Layer *Layer `protobuf:"bytes,12,opt,name=layer,proto3" json:"layer,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *DetectedMisconfiguration) Reset() { - *x = DetectedMisconfiguration{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[7] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *DetectedMisconfiguration) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*DetectedMisconfiguration) ProtoMessage() {} - -func (x *DetectedMisconfiguration) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[7] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use DetectedMisconfiguration.ProtoReflect.Descriptor instead. +func (m *DetectedMisconfiguration) Reset() { *m = DetectedMisconfiguration{} } +func (m *DetectedMisconfiguration) String() string { return proto.CompactTextString(m) } +func (*DetectedMisconfiguration) ProtoMessage() {} func (*DetectedMisconfiguration) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{7} + return fileDescriptor_6e749acacaaabfff, []int{7} } -func (x *DetectedMisconfiguration) GetType() string { - if x != nil { - return x.Type +func (m *DetectedMisconfiguration) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_DetectedMisconfiguration.Unmarshal(m, b) +} +func (m *DetectedMisconfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_DetectedMisconfiguration.Marshal(b, m, deterministic) +} +func (m *DetectedMisconfiguration) XXX_Merge(src proto.Message) { + xxx_messageInfo_DetectedMisconfiguration.Merge(m, src) +} +func (m *DetectedMisconfiguration) XXX_Size() int { + return xxx_messageInfo_DetectedMisconfiguration.Size(m) +} +func (m *DetectedMisconfiguration) XXX_DiscardUnknown() { + xxx_messageInfo_DetectedMisconfiguration.DiscardUnknown(m) +} + +var xxx_messageInfo_DetectedMisconfiguration proto.InternalMessageInfo + +func (m *DetectedMisconfiguration) GetType() string { + if m != nil { + return m.Type } return "" } -func (x *DetectedMisconfiguration) GetId() string { - if x != nil { - return x.Id +func (m *DetectedMisconfiguration) GetId() string { + if m != nil { + return m.Id } return "" } -func (x *DetectedMisconfiguration) GetTitle() string { - if x != nil { - return x.Title +func (m *DetectedMisconfiguration) GetTitle() string { + if m != nil { + return m.Title } return "" } -func (x *DetectedMisconfiguration) GetDescription() string { - if x != nil { - return x.Description +func (m *DetectedMisconfiguration) GetDescription() string { + if m != nil { + return m.Description } return "" } -func (x *DetectedMisconfiguration) GetMessage() string { - if x != nil { - return x.Message +func (m *DetectedMisconfiguration) GetMessage() string { + if m != nil { + return m.Message } return "" } -func (x *DetectedMisconfiguration) GetNamespace() string { - if x != nil { - return x.Namespace +func (m *DetectedMisconfiguration) GetNamespace() string { + if m != nil { + return m.Namespace } return "" } -func (x *DetectedMisconfiguration) GetResolution() string { - if x != nil { - return x.Resolution +func (m *DetectedMisconfiguration) GetResolution() string { + if m != nil { + return m.Resolution } return "" } -func (x *DetectedMisconfiguration) GetSeverity() Severity { - if x != nil { - return x.Severity +func (m *DetectedMisconfiguration) GetSeverity() Severity { + if m != nil { + return m.Severity } return Severity_UNKNOWN } -func (x *DetectedMisconfiguration) GetPrimaryUrl() string { - if x != nil { - return x.PrimaryUrl +func (m *DetectedMisconfiguration) GetPrimaryUrl() string { + if m != nil { + return m.PrimaryUrl } return "" } -func (x *DetectedMisconfiguration) GetReferences() []string { - if x != nil { - return x.References +func (m *DetectedMisconfiguration) GetReferences() []string { + if m != nil { + return m.References } return nil } -func (x *DetectedMisconfiguration) GetStatus() string { - if x != nil { - return x.Status +func (m *DetectedMisconfiguration) GetStatus() string { + if m != nil { + return m.Status } return "" } -func (x *DetectedMisconfiguration) GetLayer() *Layer { - if x != nil { - return x.Layer +func (m *DetectedMisconfiguration) GetLayer() *Layer { + if m != nil { + return m.Layer } return nil } type Vulnerability struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - VulnerabilityId string `protobuf:"bytes,1,opt,name=vulnerability_id,json=vulnerabilityId,proto3" json:"vulnerability_id,omitempty"` - PkgName string `protobuf:"bytes,2,opt,name=pkg_name,json=pkgName,proto3" json:"pkg_name,omitempty"` - InstalledVersion string `protobuf:"bytes,3,opt,name=installed_version,json=installedVersion,proto3" json:"installed_version,omitempty"` - FixedVersion string `protobuf:"bytes,4,opt,name=fixed_version,json=fixedVersion,proto3" json:"fixed_version,omitempty"` - Title string `protobuf:"bytes,5,opt,name=title,proto3" json:"title,omitempty"` - Description string `protobuf:"bytes,6,opt,name=description,proto3" json:"description,omitempty"` - Severity Severity `protobuf:"varint,7,opt,name=severity,proto3,enum=trivy.common.Severity" json:"severity,omitempty"` - References []string `protobuf:"bytes,8,rep,name=references,proto3" json:"references,omitempty"` - Layer *Layer `protobuf:"bytes,10,opt,name=layer,proto3" json:"layer,omitempty"` - SeveritySource string `protobuf:"bytes,11,opt,name=severity_source,json=severitySource,proto3" json:"severity_source,omitempty"` - Cvss map[string]*CVSS `protobuf:"bytes,12,rep,name=cvss,proto3" json:"cvss,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - CweIds []string `protobuf:"bytes,13,rep,name=cwe_ids,json=cweIds,proto3" json:"cwe_ids,omitempty"` - PrimaryUrl string `protobuf:"bytes,14,opt,name=primary_url,json=primaryUrl,proto3" json:"primary_url,omitempty"` - PublishedDate *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=published_date,json=publishedDate,proto3" json:"published_date,omitempty"` - LastModifiedDate *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=last_modified_date,json=lastModifiedDate,proto3" json:"last_modified_date,omitempty"` - CustomAdvisoryData *structpb.Value `protobuf:"bytes,17,opt,name=custom_advisory_data,json=customAdvisoryData,proto3" json:"custom_advisory_data,omitempty"` - CustomVulnData *structpb.Value `protobuf:"bytes,18,opt,name=custom_vuln_data,json=customVulnData,proto3" json:"custom_vuln_data,omitempty"` - VendorIds []string `protobuf:"bytes,19,rep,name=vendor_ids,json=vendorIds,proto3" json:"vendor_ids,omitempty"` + VulnerabilityId string `protobuf:"bytes,1,opt,name=vulnerability_id,json=vulnerabilityId,proto3" json:"vulnerability_id,omitempty"` + PkgName string `protobuf:"bytes,2,opt,name=pkg_name,json=pkgName,proto3" json:"pkg_name,omitempty"` + InstalledVersion string `protobuf:"bytes,3,opt,name=installed_version,json=installedVersion,proto3" json:"installed_version,omitempty"` + FixedVersion string `protobuf:"bytes,4,opt,name=fixed_version,json=fixedVersion,proto3" json:"fixed_version,omitempty"` + Title string `protobuf:"bytes,5,opt,name=title,proto3" json:"title,omitempty"` + Description string `protobuf:"bytes,6,opt,name=description,proto3" json:"description,omitempty"` + Severity Severity `protobuf:"varint,7,opt,name=severity,proto3,enum=trivy.common.Severity" json:"severity,omitempty"` + References []string `protobuf:"bytes,8,rep,name=references,proto3" json:"references,omitempty"` + Layer *Layer `protobuf:"bytes,10,opt,name=layer,proto3" json:"layer,omitempty"` + SeveritySource string `protobuf:"bytes,11,opt,name=severity_source,json=severitySource,proto3" json:"severity_source,omitempty"` + Cvss map[string]*CVSS `protobuf:"bytes,12,rep,name=cvss,proto3" json:"cvss,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + CweIds []string `protobuf:"bytes,13,rep,name=cwe_ids,json=cweIds,proto3" json:"cwe_ids,omitempty"` + PrimaryUrl string `protobuf:"bytes,14,opt,name=primary_url,json=primaryUrl,proto3" json:"primary_url,omitempty"` + PublishedDate *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=published_date,json=publishedDate,proto3" json:"published_date,omitempty"` + LastModifiedDate *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=last_modified_date,json=lastModifiedDate,proto3" json:"last_modified_date,omitempty"` + CustomAdvisoryData *structpb.Value `protobuf:"bytes,17,opt,name=custom_advisory_data,json=customAdvisoryData,proto3" json:"custom_advisory_data,omitempty"` + CustomVulnData *structpb.Value `protobuf:"bytes,18,opt,name=custom_vuln_data,json=customVulnData,proto3" json:"custom_vuln_data,omitempty"` + VendorIds []string `protobuf:"bytes,19,rep,name=vendor_ids,json=vendorIds,proto3" json:"vendor_ids,omitempty"` + DataSource *DataSource `protobuf:"bytes,20,opt,name=data_source,json=dataSource,proto3" json:"data_source,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *Vulnerability) Reset() { - *x = Vulnerability{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[8] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Vulnerability) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Vulnerability) ProtoMessage() {} - -func (x *Vulnerability) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[8] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Vulnerability.ProtoReflect.Descriptor instead. +func (m *Vulnerability) Reset() { *m = Vulnerability{} } +func (m *Vulnerability) String() string { return proto.CompactTextString(m) } +func (*Vulnerability) ProtoMessage() {} func (*Vulnerability) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{8} + return fileDescriptor_6e749acacaaabfff, []int{8} } -func (x *Vulnerability) GetVulnerabilityId() string { - if x != nil { - return x.VulnerabilityId +func (m *Vulnerability) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Vulnerability.Unmarshal(m, b) +} +func (m *Vulnerability) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Vulnerability.Marshal(b, m, deterministic) +} +func (m *Vulnerability) XXX_Merge(src proto.Message) { + xxx_messageInfo_Vulnerability.Merge(m, src) +} +func (m *Vulnerability) XXX_Size() int { + return xxx_messageInfo_Vulnerability.Size(m) +} +func (m *Vulnerability) XXX_DiscardUnknown() { + xxx_messageInfo_Vulnerability.DiscardUnknown(m) +} + +var xxx_messageInfo_Vulnerability proto.InternalMessageInfo + +func (m *Vulnerability) GetVulnerabilityId() string { + if m != nil { + return m.VulnerabilityId } return "" } -func (x *Vulnerability) GetPkgName() string { - if x != nil { - return x.PkgName +func (m *Vulnerability) GetPkgName() string { + if m != nil { + return m.PkgName } return "" } -func (x *Vulnerability) GetInstalledVersion() string { - if x != nil { - return x.InstalledVersion +func (m *Vulnerability) GetInstalledVersion() string { + if m != nil { + return m.InstalledVersion } return "" } -func (x *Vulnerability) GetFixedVersion() string { - if x != nil { - return x.FixedVersion +func (m *Vulnerability) GetFixedVersion() string { + if m != nil { + return m.FixedVersion } return "" } -func (x *Vulnerability) GetTitle() string { - if x != nil { - return x.Title +func (m *Vulnerability) GetTitle() string { + if m != nil { + return m.Title } return "" } -func (x *Vulnerability) GetDescription() string { - if x != nil { - return x.Description +func (m *Vulnerability) GetDescription() string { + if m != nil { + return m.Description } return "" } -func (x *Vulnerability) GetSeverity() Severity { - if x != nil { - return x.Severity +func (m *Vulnerability) GetSeverity() Severity { + if m != nil { + return m.Severity } return Severity_UNKNOWN } -func (x *Vulnerability) GetReferences() []string { - if x != nil { - return x.References +func (m *Vulnerability) GetReferences() []string { + if m != nil { + return m.References } return nil } -func (x *Vulnerability) GetLayer() *Layer { - if x != nil { - return x.Layer +func (m *Vulnerability) GetLayer() *Layer { + if m != nil { + return m.Layer } return nil } -func (x *Vulnerability) GetSeveritySource() string { - if x != nil { - return x.SeveritySource +func (m *Vulnerability) GetSeveritySource() string { + if m != nil { + return m.SeveritySource } return "" } -func (x *Vulnerability) GetCvss() map[string]*CVSS { - if x != nil { - return x.Cvss +func (m *Vulnerability) GetCvss() map[string]*CVSS { + if m != nil { + return m.Cvss } return nil } -func (x *Vulnerability) GetCweIds() []string { - if x != nil { - return x.CweIds +func (m *Vulnerability) GetCweIds() []string { + if m != nil { + return m.CweIds } return nil } -func (x *Vulnerability) GetPrimaryUrl() string { - if x != nil { - return x.PrimaryUrl +func (m *Vulnerability) GetPrimaryUrl() string { + if m != nil { + return m.PrimaryUrl } return "" } -func (x *Vulnerability) GetPublishedDate() *timestamppb.Timestamp { - if x != nil { - return x.PublishedDate +func (m *Vulnerability) GetPublishedDate() *timestamppb.Timestamp { + if m != nil { + return m.PublishedDate } return nil } -func (x *Vulnerability) GetLastModifiedDate() *timestamppb.Timestamp { - if x != nil { - return x.LastModifiedDate +func (m *Vulnerability) GetLastModifiedDate() *timestamppb.Timestamp { + if m != nil { + return m.LastModifiedDate } return nil } -func (x *Vulnerability) GetCustomAdvisoryData() *structpb.Value { - if x != nil { - return x.CustomAdvisoryData +func (m *Vulnerability) GetCustomAdvisoryData() *structpb.Value { + if m != nil { + return m.CustomAdvisoryData } return nil } -func (x *Vulnerability) GetCustomVulnData() *structpb.Value { - if x != nil { - return x.CustomVulnData +func (m *Vulnerability) GetCustomVulnData() *structpb.Value { + if m != nil { + return m.CustomVulnData } return nil } -func (x *Vulnerability) GetVendorIds() []string { - if x != nil { - return x.VendorIds +func (m *Vulnerability) GetVendorIds() []string { + if m != nil { + return m.VendorIds } return nil } +func (m *Vulnerability) GetDataSource() *DataSource { + if m != nil { + return m.DataSource + } + return nil +} + +type DataSource struct { + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *DataSource) Reset() { *m = DataSource{} } +func (m *DataSource) String() string { return proto.CompactTextString(m) } +func (*DataSource) ProtoMessage() {} +func (*DataSource) Descriptor() ([]byte, []int) { + return fileDescriptor_6e749acacaaabfff, []int{9} +} + +func (m *DataSource) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_DataSource.Unmarshal(m, b) +} +func (m *DataSource) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_DataSource.Marshal(b, m, deterministic) +} +func (m *DataSource) XXX_Merge(src proto.Message) { + xxx_messageInfo_DataSource.Merge(m, src) +} +func (m *DataSource) XXX_Size() int { + return xxx_messageInfo_DataSource.Size(m) +} +func (m *DataSource) XXX_DiscardUnknown() { + xxx_messageInfo_DataSource.DiscardUnknown(m) +} + +var xxx_messageInfo_DataSource proto.InternalMessageInfo + +func (m *DataSource) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *DataSource) GetUrl() string { + if m != nil { + return m.Url + } + return "" +} + type Layer struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Digest string `protobuf:"bytes,1,opt,name=digest,proto3" json:"digest,omitempty"` - DiffId string `protobuf:"bytes,2,opt,name=diff_id,json=diffId,proto3" json:"diff_id,omitempty"` + Digest string `protobuf:"bytes,1,opt,name=digest,proto3" json:"digest,omitempty"` + DiffId string `protobuf:"bytes,2,opt,name=diff_id,json=diffId,proto3" json:"diff_id,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *Layer) Reset() { - *x = Layer{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[9] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Layer) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Layer) ProtoMessage() {} - -func (x *Layer) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[9] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Layer.ProtoReflect.Descriptor instead. +func (m *Layer) Reset() { *m = Layer{} } +func (m *Layer) String() string { return proto.CompactTextString(m) } +func (*Layer) ProtoMessage() {} func (*Layer) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{9} + return fileDescriptor_6e749acacaaabfff, []int{10} } -func (x *Layer) GetDigest() string { - if x != nil { - return x.Digest +func (m *Layer) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Layer.Unmarshal(m, b) +} +func (m *Layer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Layer.Marshal(b, m, deterministic) +} +func (m *Layer) XXX_Merge(src proto.Message) { + xxx_messageInfo_Layer.Merge(m, src) +} +func (m *Layer) XXX_Size() int { + return xxx_messageInfo_Layer.Size(m) +} +func (m *Layer) XXX_DiscardUnknown() { + xxx_messageInfo_Layer.DiscardUnknown(m) +} + +var xxx_messageInfo_Layer proto.InternalMessageInfo + +func (m *Layer) GetDigest() string { + if m != nil { + return m.Digest } return "" } -func (x *Layer) GetDiffId() string { - if x != nil { - return x.DiffId +func (m *Layer) GetDiffId() string { + if m != nil { + return m.DiffId } return "" } type CVSS struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - V2Vector string `protobuf:"bytes,1,opt,name=v2_vector,json=v2Vector,proto3" json:"v2_vector,omitempty"` - V3Vector string `protobuf:"bytes,2,opt,name=v3_vector,json=v3Vector,proto3" json:"v3_vector,omitempty"` - V2Score float64 `protobuf:"fixed64,3,opt,name=v2_score,json=v2Score,proto3" json:"v2_score,omitempty"` - V3Score float64 `protobuf:"fixed64,4,opt,name=v3_score,json=v3Score,proto3" json:"v3_score,omitempty"` + V2Vector string `protobuf:"bytes,1,opt,name=v2_vector,json=v2Vector,proto3" json:"v2_vector,omitempty"` + V3Vector string `protobuf:"bytes,2,opt,name=v3_vector,json=v3Vector,proto3" json:"v3_vector,omitempty"` + V2Score float64 `protobuf:"fixed64,3,opt,name=v2_score,json=v2Score,proto3" json:"v2_score,omitempty"` + V3Score float64 `protobuf:"fixed64,4,opt,name=v3_score,json=v3Score,proto3" json:"v3_score,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (x *CVSS) Reset() { - *x = CVSS{} - if protoimpl.UnsafeEnabled { - mi := &file_rpc_common_service_proto_msgTypes[10] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *CVSS) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*CVSS) ProtoMessage() {} - -func (x *CVSS) ProtoReflect() protoreflect.Message { - mi := &file_rpc_common_service_proto_msgTypes[10] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use CVSS.ProtoReflect.Descriptor instead. +func (m *CVSS) Reset() { *m = CVSS{} } +func (m *CVSS) String() string { return proto.CompactTextString(m) } +func (*CVSS) ProtoMessage() {} func (*CVSS) Descriptor() ([]byte, []int) { - return file_rpc_common_service_proto_rawDescGZIP(), []int{10} + return fileDescriptor_6e749acacaaabfff, []int{11} } -func (x *CVSS) GetV2Vector() string { - if x != nil { - return x.V2Vector +func (m *CVSS) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_CVSS.Unmarshal(m, b) +} +func (m *CVSS) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_CVSS.Marshal(b, m, deterministic) +} +func (m *CVSS) XXX_Merge(src proto.Message) { + xxx_messageInfo_CVSS.Merge(m, src) +} +func (m *CVSS) XXX_Size() int { + return xxx_messageInfo_CVSS.Size(m) +} +func (m *CVSS) XXX_DiscardUnknown() { + xxx_messageInfo_CVSS.DiscardUnknown(m) +} + +var xxx_messageInfo_CVSS proto.InternalMessageInfo + +func (m *CVSS) GetV2Vector() string { + if m != nil { + return m.V2Vector } return "" } -func (x *CVSS) GetV3Vector() string { - if x != nil { - return x.V3Vector +func (m *CVSS) GetV3Vector() string { + if m != nil { + return m.V3Vector } return "" } -func (x *CVSS) GetV2Score() float64 { - if x != nil { - return x.V2Score +func (m *CVSS) GetV2Score() float64 { + if m != nil { + return m.V2Score } return 0 } -func (x *CVSS) GetV3Score() float64 { - if x != nil { - return x.V3Score +func (m *CVSS) GetV3Score() float64 { + if m != nil { + return m.V3Score } return 0 } -var File_rpc_common_service_proto protoreflect.FileDescriptor - -var file_rpc_common_service_proto_rawDesc = []byte{ - 0x0a, 0x18, 0x72, 0x70, 0x63, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x73, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x74, 0x72, 0x69, 0x76, - 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, - 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, - 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x44, 0x0a, 0x02, 0x4f, 0x53, 0x12, 0x16, 0x0a, - 0x06, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x66, - 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x65, 0x6f, 0x73, - 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x65, 0x6f, 0x73, 0x6c, 0x22, 0x5d, 0x0a, - 0x0b, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x1b, 0x0a, 0x09, - 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x08, 0x66, 0x69, 0x6c, 0x65, 0x50, 0x61, 0x74, 0x68, 0x12, 0x31, 0x0a, 0x08, 0x70, 0x61, 0x63, - 0x6b, 0x61, 0x67, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x74, 0x72, - 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x50, 0x61, 0x63, 0x6b, 0x61, - 0x67, 0x65, 0x52, 0x08, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x73, 0x22, 0x73, 0x0a, 0x0b, - 0x41, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x74, - 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, - 0x1b, 0x0a, 0x09, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x50, 0x61, 0x74, 0x68, 0x12, 0x33, 0x0a, 0x09, - 0x6c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x69, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, - 0x15, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4c, - 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x52, 0x09, 0x6c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x69, 0x65, - 0x73, 0x22, 0xba, 0x02, 0x0a, 0x07, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x12, 0x0a, - 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, - 0x65, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x72, - 0x65, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x65, - 0x6c, 0x65, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x70, 0x6f, 0x63, 0x68, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x65, 0x70, 0x6f, 0x63, 0x68, 0x12, 0x12, 0x0a, 0x04, 0x61, - 0x72, 0x63, 0x68, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x61, 0x72, 0x63, 0x68, 0x12, - 0x19, 0x0a, 0x08, 0x73, 0x72, 0x63, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x07, 0x73, 0x72, 0x63, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x72, - 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0a, 0x73, 0x72, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1f, 0x0a, 0x0b, 0x73, - 0x72, 0x63, 0x5f, 0x72, 0x65, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0a, 0x73, 0x72, 0x63, 0x52, 0x65, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x12, 0x1b, 0x0a, 0x09, - 0x73, 0x72, 0x63, 0x5f, 0x65, 0x70, 0x6f, 0x63, 0x68, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, - 0x08, 0x73, 0x72, 0x63, 0x45, 0x70, 0x6f, 0x63, 0x68, 0x12, 0x18, 0x0a, 0x07, 0x6c, 0x69, 0x63, - 0x65, 0x6e, 0x73, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6c, 0x69, 0x63, 0x65, - 0x6e, 0x73, 0x65, 0x12, 0x29, 0x0a, 0x05, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x18, 0x0b, 0x20, 0x01, - 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, - 0x6e, 0x2e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x52, 0x05, 0x6c, 0x61, 0x79, 0x65, 0x72, 0x22, 0x51, - 0x0a, 0x07, 0x4c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, - 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, - 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, - 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x6c, 0x69, 0x63, 0x65, 0x6e, - 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6c, 0x69, 0x63, 0x65, 0x6e, 0x73, - 0x65, 0x22, 0xb6, 0x02, 0x0a, 0x10, 0x4d, 0x69, 0x73, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, - 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x09, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x74, - 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x54, - 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x61, 0x74, 0x68, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x50, 0x61, 0x74, 0x68, - 0x12, 0x39, 0x0a, 0x09, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x65, 0x73, 0x18, 0x03, 0x20, - 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, - 0x6f, 0x6e, 0x2e, 0x4d, 0x69, 0x73, 0x63, 0x6f, 0x6e, 0x66, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, - 0x52, 0x09, 0x73, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x65, 0x73, 0x12, 0x37, 0x0a, 0x08, 0x77, - 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, - 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x69, 0x73, - 0x63, 0x6f, 0x6e, 0x66, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x08, 0x77, 0x61, 0x72, 0x6e, - 0x69, 0x6e, 0x67, 0x73, 0x12, 0x37, 0x0a, 0x08, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x73, - 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, 0x63, - 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4d, 0x69, 0x73, 0x63, 0x6f, 0x6e, 0x66, 0x52, 0x65, 0x73, - 0x75, 0x6c, 0x74, 0x52, 0x08, 0x66, 0x61, 0x69, 0x6c, 0x75, 0x72, 0x65, 0x73, 0x12, 0x3b, 0x0a, - 0x0a, 0x65, 0x78, 0x63, 0x65, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, - 0x0b, 0x32, 0x1b, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, - 0x2e, 0x4d, 0x69, 0x73, 0x63, 0x6f, 0x6e, 0x66, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x0a, - 0x65, 0x78, 0x63, 0x65, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x9d, 0x01, 0x0a, 0x0d, 0x4d, - 0x69, 0x73, 0x63, 0x6f, 0x6e, 0x66, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x1c, 0x0a, 0x09, - 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, - 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, - 0x73, 0x61, 0x67, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x69, 0x74, 0x6c, - 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x12, 0x1a, - 0x0a, 0x08, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x08, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x22, 0x86, 0x03, 0x0a, 0x18, 0x44, - 0x65, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x4d, 0x69, 0x73, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, - 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x74, - 0x69, 0x74, 0x6c, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, 0x74, 0x6c, - 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x05, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x1c, 0x0a, - 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x72, - 0x65, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0a, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x75, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x32, 0x0a, 0x08, 0x73, - 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, - 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x76, - 0x65, 0x72, 0x69, 0x74, 0x79, 0x52, 0x08, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x12, - 0x1f, 0x0a, 0x0b, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x09, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x55, 0x72, 0x6c, - 0x12, 0x1e, 0x0a, 0x0a, 0x72, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x18, 0x0a, - 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x73, - 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x29, 0x0a, 0x05, 0x6c, 0x61, 0x79, 0x65, - 0x72, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, - 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x52, 0x05, 0x6c, 0x61, - 0x79, 0x65, 0x72, 0x22, 0x81, 0x07, 0x0a, 0x0d, 0x56, 0x75, 0x6c, 0x6e, 0x65, 0x72, 0x61, 0x62, - 0x69, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x29, 0x0a, 0x10, 0x76, 0x75, 0x6c, 0x6e, 0x65, 0x72, 0x61, - 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0f, 0x76, 0x75, 0x6c, 0x6e, 0x65, 0x72, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x49, 0x64, - 0x12, 0x19, 0x0a, 0x08, 0x70, 0x6b, 0x67, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x07, 0x70, 0x6b, 0x67, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2b, 0x0a, 0x11, 0x69, - 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x65, 0x64, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, - 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x65, - 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x23, 0x0a, 0x0d, 0x66, 0x69, 0x78, 0x65, - 0x64, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0c, 0x66, 0x69, 0x78, 0x65, 0x64, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, - 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, - 0x74, 0x6c, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, - 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, - 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x32, 0x0a, 0x08, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, - 0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, 0x2e, - 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x52, - 0x08, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x12, 0x1e, 0x0a, 0x0a, 0x72, 0x65, 0x66, - 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x72, - 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x12, 0x29, 0x0a, 0x05, 0x6c, 0x61, 0x79, - 0x65, 0x72, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, - 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x4c, 0x61, 0x79, 0x65, 0x72, 0x52, 0x05, 0x6c, - 0x61, 0x79, 0x65, 0x72, 0x12, 0x27, 0x0a, 0x0f, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, - 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x73, - 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x39, 0x0a, - 0x04, 0x63, 0x76, 0x73, 0x73, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x74, 0x72, - 0x69, 0x76, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x56, 0x75, 0x6c, 0x6e, 0x65, - 0x72, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x2e, 0x43, 0x76, 0x73, 0x73, 0x45, 0x6e, 0x74, - 0x72, 0x79, 0x52, 0x04, 0x63, 0x76, 0x73, 0x73, 0x12, 0x17, 0x0a, 0x07, 0x63, 0x77, 0x65, 0x5f, - 0x69, 0x64, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x63, 0x77, 0x65, 0x49, 0x64, - 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x5f, 0x75, 0x72, 0x6c, - 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x72, 0x69, 0x6d, 0x61, 0x72, 0x79, 0x55, - 0x72, 0x6c, 0x12, 0x41, 0x0a, 0x0e, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x65, 0x64, 0x5f, - 0x64, 0x61, 0x74, 0x65, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, - 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0d, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x65, - 0x64, 0x44, 0x61, 0x74, 0x65, 0x12, 0x48, 0x0a, 0x12, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x6d, 0x6f, - 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x65, 0x18, 0x10, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x10, 0x6c, - 0x61, 0x73, 0x74, 0x4d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x12, - 0x48, 0x0a, 0x14, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x61, 0x64, 0x76, 0x69, 0x73, 0x6f, - 0x72, 0x79, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, - 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, - 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x12, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x41, 0x64, 0x76, - 0x69, 0x73, 0x6f, 0x72, 0x79, 0x44, 0x61, 0x74, 0x61, 0x12, 0x40, 0x0a, 0x10, 0x63, 0x75, 0x73, - 0x74, 0x6f, 0x6d, 0x5f, 0x76, 0x75, 0x6c, 0x6e, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x12, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0e, 0x63, 0x75, 0x73, - 0x74, 0x6f, 0x6d, 0x56, 0x75, 0x6c, 0x6e, 0x44, 0x61, 0x74, 0x61, 0x12, 0x1d, 0x0a, 0x0a, 0x76, - 0x65, 0x6e, 0x64, 0x6f, 0x72, 0x5f, 0x69, 0x64, 0x73, 0x18, 0x13, 0x20, 0x03, 0x28, 0x09, 0x52, - 0x09, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72, 0x49, 0x64, 0x73, 0x1a, 0x4b, 0x0a, 0x09, 0x43, 0x76, - 0x73, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x28, 0x0a, 0x05, 0x76, 0x61, 0x6c, - 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x74, 0x72, 0x69, 0x76, 0x79, - 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x43, 0x56, 0x53, 0x53, 0x52, 0x05, 0x76, 0x61, - 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x38, 0x0a, 0x05, 0x4c, 0x61, 0x79, 0x65, 0x72, - 0x12, 0x16, 0x0a, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x12, 0x17, 0x0a, 0x07, 0x64, 0x69, 0x66, 0x66, - 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x69, 0x66, 0x66, 0x49, - 0x64, 0x22, 0x76, 0x0a, 0x04, 0x43, 0x56, 0x53, 0x53, 0x12, 0x1b, 0x0a, 0x09, 0x76, 0x32, 0x5f, - 0x76, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x76, 0x32, - 0x56, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x1b, 0x0a, 0x09, 0x76, 0x33, 0x5f, 0x76, 0x65, 0x63, - 0x74, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x76, 0x33, 0x56, 0x65, 0x63, - 0x74, 0x6f, 0x72, 0x12, 0x19, 0x0a, 0x08, 0x76, 0x32, 0x5f, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x01, 0x52, 0x07, 0x76, 0x32, 0x53, 0x63, 0x6f, 0x72, 0x65, 0x12, 0x19, - 0x0a, 0x08, 0x76, 0x33, 0x5f, 0x73, 0x63, 0x6f, 0x72, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, - 0x52, 0x07, 0x76, 0x33, 0x53, 0x63, 0x6f, 0x72, 0x65, 0x2a, 0x44, 0x0a, 0x08, 0x53, 0x65, 0x76, - 0x65, 0x72, 0x69, 0x74, 0x79, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, - 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x4c, 0x4f, 0x57, 0x10, 0x01, 0x12, 0x0a, 0x0a, 0x06, 0x4d, - 0x45, 0x44, 0x49, 0x55, 0x4d, 0x10, 0x02, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x49, 0x47, 0x48, 0x10, - 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x52, 0x49, 0x54, 0x49, 0x43, 0x41, 0x4c, 0x10, 0x04, 0x42, - 0x31, 0x5a, 0x2f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x71, - 0x75, 0x61, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x2f, 0x74, 0x72, 0x69, 0x76, 0x79, - 0x2f, 0x72, 0x70, 0x63, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3b, 0x63, 0x6f, 0x6d, 0x6d, - 0x6f, 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +func init() { + proto.RegisterEnum("trivy.common.Severity", Severity_name, Severity_value) + proto.RegisterType((*OS)(nil), "trivy.common.OS") + proto.RegisterType((*PackageInfo)(nil), "trivy.common.PackageInfo") + proto.RegisterType((*Application)(nil), "trivy.common.Application") + proto.RegisterType((*Package)(nil), "trivy.common.Package") + proto.RegisterType((*Library)(nil), "trivy.common.Library") + proto.RegisterType((*Misconfiguration)(nil), "trivy.common.Misconfiguration") + proto.RegisterType((*MisconfResult)(nil), "trivy.common.MisconfResult") + proto.RegisterType((*DetectedMisconfiguration)(nil), "trivy.common.DetectedMisconfiguration") + proto.RegisterType((*Vulnerability)(nil), "trivy.common.Vulnerability") + proto.RegisterMapType((map[string]*CVSS)(nil), "trivy.common.Vulnerability.CvssEntry") + proto.RegisterType((*DataSource)(nil), "trivy.common.DataSource") + proto.RegisterType((*Layer)(nil), "trivy.common.Layer") + proto.RegisterType((*CVSS)(nil), "trivy.common.CVSS") } -var ( - file_rpc_common_service_proto_rawDescOnce sync.Once - file_rpc_common_service_proto_rawDescData = file_rpc_common_service_proto_rawDesc -) +func init() { proto.RegisterFile("rpc/common/service.proto", fileDescriptor_6e749acacaaabfff) } -func file_rpc_common_service_proto_rawDescGZIP() []byte { - file_rpc_common_service_proto_rawDescOnce.Do(func() { - file_rpc_common_service_proto_rawDescData = protoimpl.X.CompressGZIP(file_rpc_common_service_proto_rawDescData) - }) - return file_rpc_common_service_proto_rawDescData -} - -var file_rpc_common_service_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_rpc_common_service_proto_msgTypes = make([]protoimpl.MessageInfo, 12) -var file_rpc_common_service_proto_goTypes = []interface{}{ - (Severity)(0), // 0: trivy.common.Severity - (*OS)(nil), // 1: trivy.common.OS - (*PackageInfo)(nil), // 2: trivy.common.PackageInfo - (*Application)(nil), // 3: trivy.common.Application - (*Package)(nil), // 4: trivy.common.Package - (*Library)(nil), // 5: trivy.common.Library - (*Misconfiguration)(nil), // 6: trivy.common.Misconfiguration - (*MisconfResult)(nil), // 7: trivy.common.MisconfResult - (*DetectedMisconfiguration)(nil), // 8: trivy.common.DetectedMisconfiguration - (*Vulnerability)(nil), // 9: trivy.common.Vulnerability - (*Layer)(nil), // 10: trivy.common.Layer - (*CVSS)(nil), // 11: trivy.common.CVSS - nil, // 12: trivy.common.Vulnerability.CvssEntry - (*timestamppb.Timestamp)(nil), // 13: google.protobuf.Timestamp - (*structpb.Value)(nil), // 14: google.protobuf.Value -} -var file_rpc_common_service_proto_depIdxs = []int32{ - 4, // 0: trivy.common.PackageInfo.packages:type_name -> trivy.common.Package - 5, // 1: trivy.common.Application.libraries:type_name -> trivy.common.Library - 10, // 2: trivy.common.Package.layer:type_name -> trivy.common.Layer - 7, // 3: trivy.common.Misconfiguration.successes:type_name -> trivy.common.MisconfResult - 7, // 4: trivy.common.Misconfiguration.warnings:type_name -> trivy.common.MisconfResult - 7, // 5: trivy.common.Misconfiguration.failures:type_name -> trivy.common.MisconfResult - 7, // 6: trivy.common.Misconfiguration.exceptions:type_name -> trivy.common.MisconfResult - 0, // 7: trivy.common.DetectedMisconfiguration.severity:type_name -> trivy.common.Severity - 10, // 8: trivy.common.DetectedMisconfiguration.layer:type_name -> trivy.common.Layer - 0, // 9: trivy.common.Vulnerability.severity:type_name -> trivy.common.Severity - 10, // 10: trivy.common.Vulnerability.layer:type_name -> trivy.common.Layer - 12, // 11: trivy.common.Vulnerability.cvss:type_name -> trivy.common.Vulnerability.CvssEntry - 13, // 12: trivy.common.Vulnerability.published_date:type_name -> google.protobuf.Timestamp - 13, // 13: trivy.common.Vulnerability.last_modified_date:type_name -> google.protobuf.Timestamp - 14, // 14: trivy.common.Vulnerability.custom_advisory_data:type_name -> google.protobuf.Value - 14, // 15: trivy.common.Vulnerability.custom_vuln_data:type_name -> google.protobuf.Value - 11, // 16: trivy.common.Vulnerability.CvssEntry.value:type_name -> trivy.common.CVSS - 17, // [17:17] is the sub-list for method output_type - 17, // [17:17] is the sub-list for method input_type - 17, // [17:17] is the sub-list for extension type_name - 17, // [17:17] is the sub-list for extension extendee - 0, // [0:17] is the sub-list for field type_name -} - -func init() { file_rpc_common_service_proto_init() } -func file_rpc_common_service_proto_init() { - if File_rpc_common_service_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_rpc_common_service_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*OS); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*PackageInfo); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Application); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Package); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Library); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Misconfiguration); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*MisconfResult); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DetectedMisconfiguration); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Vulnerability); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Layer); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_rpc_common_service_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CVSS); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_rpc_common_service_proto_rawDesc, - NumEnums: 1, - NumMessages: 12, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_rpc_common_service_proto_goTypes, - DependencyIndexes: file_rpc_common_service_proto_depIdxs, - EnumInfos: file_rpc_common_service_proto_enumTypes, - MessageInfos: file_rpc_common_service_proto_msgTypes, - }.Build() - File_rpc_common_service_proto = out.File - file_rpc_common_service_proto_rawDesc = nil - file_rpc_common_service_proto_goTypes = nil - file_rpc_common_service_proto_depIdxs = nil +var fileDescriptor_6e749acacaaabfff = []byte{ + // 1253 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x56, 0xdd, 0x6e, 0xdb, 0xb6, + 0x17, 0xff, 0xfb, 0xdb, 0x3a, 0x4e, 0x52, 0x95, 0xed, 0xbf, 0x53, 0xd3, 0x6e, 0x35, 0x3c, 0x0c, + 0x4b, 0x37, 0xc0, 0x46, 0x9d, 0x8b, 0xb5, 0xeb, 0xcd, 0xb2, 0xa4, 0x58, 0x8d, 0x36, 0x69, 0xa7, + 0xb4, 0x29, 0x30, 0x60, 0x10, 0x18, 0x8a, 0x76, 0x88, 0xc8, 0x92, 0x46, 0x52, 0x4a, 0xfd, 0x02, + 0x7b, 0x8b, 0xbd, 0xc6, 0x2e, 0x86, 0x3d, 0xdc, 0xc0, 0x0f, 0xc9, 0x52, 0x12, 0x2c, 0xdd, 0x95, + 0x78, 0x3e, 0xf8, 0x3b, 0x87, 0xbf, 0x73, 0x0e, 0x45, 0xf0, 0x78, 0x4a, 0x26, 0x24, 0x59, 0x2e, + 0x93, 0x78, 0x22, 0x28, 0xcf, 0x19, 0xa1, 0xe3, 0x94, 0x27, 0x32, 0x41, 0x1b, 0x92, 0xb3, 0x7c, + 0x35, 0x36, 0xb6, 0xed, 0x47, 0x8b, 0x24, 0x59, 0x44, 0x74, 0xa2, 0x6d, 0xa7, 0xd9, 0x7c, 0x22, + 0xd9, 0x92, 0x0a, 0x89, 0x97, 0xa9, 0x71, 0xdf, 0x7e, 0x78, 0xd9, 0x41, 0x48, 0x9e, 0x11, 0x69, + 0xac, 0xa3, 0x03, 0x68, 0xbe, 0x39, 0x46, 0xf7, 0xa0, 0x3b, 0xc7, 0x4b, 0x16, 0xad, 0xbc, 0xc6, + 0xb0, 0xb1, 0xe3, 0xf8, 0x56, 0x42, 0x08, 0xda, 0x31, 0x5e, 0x52, 0xaf, 0xa9, 0xb5, 0x7a, 0xad, + 0x74, 0x34, 0x11, 0x91, 0xd7, 0x1a, 0x36, 0x76, 0xfa, 0xbe, 0x5e, 0x8f, 0x7e, 0x85, 0xc1, 0x5b, + 0x4c, 0xce, 0xf1, 0x82, 0xce, 0xe2, 0x79, 0x82, 0x1e, 0x80, 0x33, 0x67, 0x11, 0x0d, 0x52, 0x2c, + 0xcf, 0x2c, 0x62, 0x5f, 0x29, 0xde, 0x62, 0x79, 0x86, 0x9e, 0x40, 0x3f, 0x35, 0xbe, 0xc2, 0x6b, + 0x0e, 0x5b, 0x3b, 0x83, 0xe9, 0xff, 0xc7, 0xd5, 0x13, 0x8d, 0x2d, 0x92, 0x5f, 0xba, 0x8d, 0x04, + 0x0c, 0xf6, 0xd2, 0x34, 0x62, 0x04, 0x4b, 0x96, 0xc4, 0x2a, 0x03, 0xb9, 0x4a, 0xa9, 0x45, 0xd6, + 0xeb, 0x7a, 0xc8, 0xe6, 0xa5, 0x90, 0xbb, 0xe0, 0x44, 0xec, 0x94, 0x63, 0xce, 0xa8, 0xf0, 0x5a, + 0xd7, 0xc5, 0x7c, 0xad, 0xcd, 0x2b, 0x7f, 0xed, 0x37, 0xfa, 0xab, 0x09, 0x3d, 0x9b, 0x4a, 0xc9, + 0x43, 0xa3, 0xc2, 0x83, 0x07, 0xbd, 0x9c, 0x72, 0xc1, 0x92, 0xd8, 0xc6, 0x2b, 0x44, 0x65, 0xe1, + 0x34, 0xa2, 0x58, 0x50, 0x4d, 0x92, 0xe3, 0x17, 0x22, 0xba, 0x0b, 0x1d, 0x9a, 0x26, 0xe4, 0xcc, + 0x6b, 0x0f, 0x1b, 0x3b, 0x1d, 0xdf, 0x08, 0x0a, 0x1d, 0x73, 0x72, 0xe6, 0x75, 0x0c, 0xba, 0x5a, + 0xa3, 0xfb, 0xd0, 0x17, 0x9c, 0x04, 0x3a, 0x6a, 0xd7, 0x80, 0x08, 0x4e, 0x8e, 0x54, 0xe0, 0x47, + 0x30, 0x50, 0xa6, 0x22, 0x78, 0x4f, 0x5b, 0x41, 0x70, 0x72, 0x62, 0xe3, 0x5b, 0x87, 0x22, 0x87, + 0x7e, 0xe9, 0xe0, 0xdb, 0x34, 0x1e, 0x80, 0xa3, 0x1c, 0x4c, 0x2a, 0x8e, 0x4e, 0x45, 0x45, 0x7b, + 0xa1, 0xb3, 0xf1, 0xa0, 0x17, 0x31, 0x42, 0x63, 0x41, 0x3d, 0x30, 0x81, 0xad, 0x88, 0x1e, 0x43, + 0x27, 0xc2, 0x2b, 0xca, 0xbd, 0xc1, 0xb0, 0xb1, 0x33, 0x98, 0xde, 0xb9, 0x44, 0xa1, 0x32, 0xf9, + 0xc6, 0x63, 0xf4, 0x33, 0xf4, 0x2c, 0xa5, 0xff, 0x9d, 0xbb, 0x22, 0x7a, 0xab, 0x16, 0x7d, 0xf4, + 0x67, 0x13, 0xdc, 0x43, 0x26, 0x48, 0x12, 0xcf, 0xd9, 0x22, 0xe3, 0xa6, 0x15, 0x8a, 0xb2, 0x57, + 0xfa, 0x41, 0x97, 0xfd, 0xdd, 0x8d, 0x3d, 0xf1, 0x0c, 0x1c, 0x91, 0x11, 0x42, 0x85, 0x28, 0x7b, + 0xe2, 0x41, 0xfd, 0x40, 0x36, 0x98, 0x4f, 0x45, 0x16, 0x49, 0x7f, 0xed, 0x8d, 0xbe, 0x83, 0xfe, + 0x05, 0xe6, 0x31, 0x8b, 0x17, 0xc2, 0x6b, 0xdf, 0xbc, 0xb3, 0x74, 0x56, 0x1b, 0xe7, 0x98, 0x45, + 0x19, 0xa7, 0xc2, 0xeb, 0x7c, 0xc2, 0xc6, 0xc2, 0x19, 0x3d, 0x07, 0xa0, 0x1f, 0x09, 0x4d, 0xd5, + 0x99, 0x85, 0xd7, 0xbd, 0x79, 0x6b, 0xc5, 0x7d, 0xf4, 0x47, 0x03, 0x36, 0x6b, 0x56, 0xf4, 0x10, + 0x1c, 0x55, 0x06, 0x91, 0x62, 0x52, 0xb0, 0xb6, 0x56, 0xa8, 0x12, 0x2c, 0xa9, 0x10, 0x78, 0x51, + 0xcc, 0x7d, 0x21, 0x96, 0x83, 0xd7, 0xaa, 0x0c, 0xde, 0x16, 0x34, 0x59, 0xa8, 0xfb, 0xd9, 0xf1, + 0x9b, 0x2c, 0x54, 0x2d, 0x2e, 0x99, 0x8c, 0xa8, 0xed, 0x66, 0x23, 0xa0, 0x6d, 0xe8, 0x0b, 0x9a, + 0x53, 0xce, 0xe4, 0xca, 0xb6, 0x73, 0x29, 0x8f, 0x7e, 0x6f, 0x81, 0x77, 0x40, 0x25, 0x25, 0x92, + 0x86, 0x57, 0x0a, 0x7c, 0xdd, 0xac, 0x9b, 0x90, 0xcd, 0xab, 0x21, 0x5b, 0xd5, 0x90, 0x43, 0x18, + 0x84, 0x54, 0x10, 0xce, 0x34, 0x0d, 0x36, 0xc3, 0xaa, 0xaa, 0x7a, 0xd0, 0x4e, 0xfd, 0xa0, 0x35, + 0x82, 0xba, 0x97, 0x09, 0xfa, 0x02, 0x80, 0x53, 0x91, 0x44, 0x99, 0xac, 0xcc, 0xdf, 0x5a, 0x83, + 0xa6, 0x95, 0xc3, 0xaa, 0xe1, 0xdb, 0x9a, 0xde, 0xab, 0xd7, 0xea, 0xd8, 0x5a, 0xd7, 0x24, 0xa8, + 0x99, 0x4d, 0x39, 0x5b, 0x62, 0xbe, 0x0a, 0x32, 0x1e, 0xe9, 0xa1, 0x74, 0x7c, 0xb0, 0xaa, 0xf7, + 0x3c, 0x32, 0x41, 0xe7, 0x94, 0xd3, 0x98, 0x50, 0xe1, 0xc1, 0xb0, 0x65, 0x82, 0x16, 0x1a, 0x75, + 0x85, 0x0b, 0x89, 0x65, 0x26, 0xf4, 0x74, 0x3a, 0xbe, 0x95, 0xd6, 0x43, 0xbb, 0x71, 0xe3, 0xd0, + 0xfe, 0xdd, 0x83, 0xcd, 0x93, 0x2c, 0x8a, 0x29, 0xc7, 0xa7, 0x2c, 0x52, 0x59, 0x3d, 0x06, 0x37, + 0xaf, 0x2a, 0x02, 0x16, 0xda, 0x4a, 0xdc, 0xaa, 0xe9, 0x67, 0xa1, 0xba, 0xb0, 0xd2, 0xf3, 0x45, + 0x50, 0xf9, 0x5d, 0xf4, 0xd2, 0xf3, 0x85, 0xbe, 0xb0, 0xbe, 0x85, 0xdb, 0x2c, 0x16, 0x12, 0x47, + 0x11, 0x0d, 0xcb, 0x6b, 0xcb, 0xd4, 0xca, 0x2d, 0x0d, 0xc5, 0xe5, 0xf5, 0x25, 0x6c, 0xce, 0xd9, + 0xc7, 0x8a, 0xa3, 0x29, 0xdc, 0x86, 0x56, 0x16, 0x4e, 0xd7, 0x37, 0xd9, 0xa5, 0x8a, 0x77, 0xaf, + 0x56, 0xbc, 0x5a, 0x99, 0xde, 0x27, 0x56, 0xa6, 0x4e, 0x7c, 0xff, 0x0a, 0xf1, 0x25, 0xc1, 0x70, + 0x13, 0xc1, 0xe8, 0x6b, 0xb8, 0x55, 0xc0, 0x06, 0x22, 0xc9, 0x38, 0xa1, 0xb6, 0x58, 0x5b, 0x85, + 0xfa, 0x58, 0x6b, 0xd1, 0x33, 0x68, 0x93, 0x5c, 0x08, 0x6f, 0x43, 0x4f, 0xfa, 0x57, 0x75, 0xc8, + 0x5a, 0x89, 0xc6, 0xfb, 0xb9, 0x10, 0x2f, 0x62, 0xc9, 0x57, 0xbe, 0xde, 0x82, 0x3e, 0x83, 0x1e, + 0xb9, 0xa0, 0x01, 0x0b, 0x85, 0xb7, 0xa9, 0x73, 0xed, 0x92, 0x0b, 0x3a, 0x0b, 0xc5, 0xe5, 0x0e, + 0xdb, 0xba, 0xd2, 0x61, 0x7b, 0xb0, 0x95, 0x66, 0xa7, 0x11, 0x13, 0x67, 0x34, 0x0c, 0x42, 0x2c, + 0xa9, 0x77, 0x4b, 0x9f, 0x68, 0x7b, 0x6c, 0x5e, 0x10, 0xe3, 0xe2, 0x05, 0x31, 0x7e, 0x57, 0x3c, + 0x31, 0xfc, 0xcd, 0x72, 0xc7, 0x01, 0x96, 0x14, 0xbd, 0x04, 0x14, 0x61, 0x21, 0x83, 0x65, 0x12, + 0xb2, 0x39, 0x2b, 0x60, 0xdc, 0x1b, 0x61, 0x5c, 0xb5, 0xeb, 0xd0, 0x6e, 0xb2, 0x48, 0x77, 0x49, + 0x26, 0x64, 0xb2, 0x0c, 0x70, 0x98, 0x33, 0x91, 0xf0, 0x95, 0xc2, 0xc2, 0xde, 0x6d, 0x8d, 0x75, + 0xef, 0x0a, 0xd6, 0x09, 0x8e, 0x32, 0xea, 0x23, 0xb3, 0x67, 0xcf, 0x6e, 0x39, 0xc0, 0x12, 0xa3, + 0x1f, 0xc0, 0xb5, 0x48, 0xaa, 0x65, 0x0d, 0x0a, 0xfa, 0x57, 0x94, 0x2d, 0xe3, 0xaf, 0x78, 0xd6, + 0x08, 0x9f, 0x03, 0xe4, 0x34, 0x0e, 0x13, 0xae, 0x59, 0xbd, 0xa3, 0x59, 0x75, 0x8c, 0x46, 0x11, + 0xfb, 0x0c, 0x06, 0x0a, 0xb4, 0xa8, 0xe8, 0x5d, 0x8d, 0xed, 0xd5, 0x6b, 0xa6, 0x70, 0x4c, 0x6d, + 0x7d, 0x08, 0xcb, 0xf5, 0xf6, 0x2b, 0x70, 0xca, 0xfa, 0x21, 0x17, 0x5a, 0xe7, 0xb4, 0x78, 0x81, + 0xa9, 0x25, 0xda, 0x81, 0x4e, 0xae, 0x32, 0xd2, 0x03, 0x35, 0x98, 0xa2, 0x3a, 0xe6, 0xfe, 0xc9, + 0xf1, 0xb1, 0x6f, 0x1c, 0xbe, 0x6f, 0x3e, 0x6d, 0x8c, 0xa6, 0x00, 0xeb, 0x30, 0xd7, 0xfe, 0x76, + 0x5d, 0x68, 0xa9, 0xd2, 0x9b, 0xf1, 0x54, 0xcb, 0xd1, 0x53, 0xe8, 0xe8, 0x0e, 0x55, 0xd7, 0x47, + 0xc8, 0x16, 0x54, 0xc8, 0xe2, 0x05, 0x68, 0x24, 0xd5, 0x4e, 0x21, 0x9b, 0xcf, 0x83, 0xf2, 0xc2, + 0xed, 0x2a, 0x71, 0x16, 0x8e, 0x72, 0x68, 0xab, 0x04, 0xd4, 0x4f, 0x36, 0x9f, 0x06, 0x39, 0x25, + 0x32, 0xe1, 0xc5, 0x1f, 0x38, 0x9f, 0x9e, 0x68, 0x59, 0x1b, 0x77, 0x0b, 0xa3, 0xfd, 0x03, 0xe7, + 0xbb, 0xd6, 0x78, 0x1f, 0xfa, 0xf9, 0x34, 0x10, 0x24, 0xe1, 0xe6, 0xe6, 0x6e, 0xf8, 0xbd, 0x7c, + 0x7a, 0xac, 0x44, 0x6d, 0xda, 0xb5, 0xa6, 0xb6, 0x35, 0xed, 0x6a, 0xd3, 0x37, 0x07, 0xd0, 0x2f, + 0x86, 0x14, 0x0d, 0xa0, 0xf7, 0xfe, 0xe8, 0xd5, 0xd1, 0x9b, 0x0f, 0x47, 0xee, 0xff, 0x50, 0x0f, + 0x5a, 0xaf, 0xdf, 0x7c, 0x70, 0x1b, 0x08, 0xa0, 0x7b, 0xf8, 0xe2, 0x60, 0xf6, 0xfe, 0xd0, 0x6d, + 0xa2, 0x3e, 0xb4, 0x5f, 0xce, 0x7e, 0x7a, 0xe9, 0xb6, 0xd0, 0x06, 0xf4, 0xf7, 0xfd, 0xd9, 0xbb, + 0xd9, 0xfe, 0xde, 0x6b, 0xb7, 0xfd, 0xe3, 0x93, 0x5f, 0x26, 0x0b, 0x26, 0xcf, 0xb2, 0x53, 0x45, + 0xe6, 0x04, 0xff, 0x96, 0x61, 0x41, 0x49, 0xa6, 0x40, 0x27, 0x9a, 0xe3, 0xc9, 0xfa, 0xf5, 0xfd, + 0xdc, 0x7c, 0x4e, 0xbb, 0xba, 0x4b, 0x76, 0xff, 0x09, 0x00, 0x00, 0xff, 0xff, 0x3c, 0x8e, 0x21, + 0xdb, 0x99, 0x0b, 0x00, 0x00, } diff --git a/rpc/common/service.proto b/rpc/common/service.proto index 9d1d659443..192392b643 100644 --- a/rpc/common/service.proto +++ b/rpc/common/service.proto @@ -100,6 +100,12 @@ message Vulnerability { google.protobuf.Value custom_advisory_data = 17; google.protobuf.Value custom_vuln_data = 18; repeated string vendor_ids = 19; + DataSource data_source = 20; +} + +message DataSource { + string name = 1; + string url = 2; } message Layer {