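{{- /*
  AWS Security Hub (ASFF) report template for Trivy.

  Every vulnerability, misconfiguration and secret of every scan result is
  rendered as one element of the top-level "Findings" array.

  AWS_REGION and AWS_ACCOUNT_ID are read from the environment. An unset
  variable renders as an empty string, which leaves ProductArn and
  AwsAccountId unusable, so both should be checked before the report is
  generated.

  Values that originate from the scanned artifact or from check metadata
  (target names, package names and versions, titles, descriptions, messages,
  URLs) are written with toJson instead of being pasted between literal
  quotes or formatted with printf "%q". A quote, backslash, newline or other
  control character in scanned content therefore stays inside its own JSON
  string and cannot break the document or introduce additional ASFF keys.
  Go's %q syntax is not JSON: it can emit \x.., \a, \v and \U........ escapes
  that a strict JSON parser rejects.
*/ -}}
{
    "Findings": [
    {{- /* $t_first is true until the first finding has been written; every
           later finding, whatever its kind or result, is preceded by a comma. */ -}}
    {{- $t_first := true -}}
    {{- range . -}}
    {{- $target := .Target -}}
    {{- /* ImageName keeps only the last 124 characters of a long target,
           prefixed with "...". Presumably this is to respect the ASFF length
           limit on that field; confirm against the current schema. */ -}}
    {{- $image := .Target -}}
    {{- if gt (len $image) 127 -}}
        {{- $image = $image | regexFind ".{124}$" | printf "...%v" -}}
    {{- end}}
    {{- /* One finding per detected vulnerability. */ -}}
    {{- range .Vulnerabilities -}}
    {{- if $t_first -}}
      {{- $t_first = false -}}
    {{- else -}}
      ,
    {{- end -}}
    {{- /* Trivy's UNKNOWN severity is reported as INFORMATIONAL. */ -}}
    {{- $severity := .Severity -}}
    {{- if eq $severity "UNKNOWN" -}}
        {{- $severity = "INFORMATIONAL" -}}
    {{- end -}}
    {{- /* len and substr count bytes, so the cut can fall inside a multi-byte
           character. toJson replaces the resulting invalid byte sequence
           instead of emitting it. */ -}}
    {{- $description := .Description -}}
    {{- if gt (len $description ) 512 -}}
        {{- $description = (substr 0 512 $description) | printf "%v .." -}}
    {{- end}}
        {
            "SchemaVersion": "2018-10-08",
            "Id": {{ printf "%s/%s" $target .VulnerabilityID | toJson }},
            "ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}::product/aquasecurity/aquasecurity",
            "GeneratorId": {{ printf "Trivy/%s" .VulnerabilityID | toJson }},
            "AwsAccountId": "{{ env "AWS_ACCOUNT_ID" }}",
            "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ],
            "CreatedAt": "{{ now | date "2006-01-02T15:04:05.999999999Z07:00" }}",
            "UpdatedAt": "{{ now | date "2006-01-02T15:04:05.999999999Z07:00" }}",
            "Severity": {
                "Label": "{{ $severity }}"
            },
            "Title": {{ printf "Trivy found a vulnerability to %s in container %s, related to %s" .VulnerabilityID $target .PkgName | toJson }},
            "Description": {{ escapeString $description | toJson }},
            {{ if not (empty .PrimaryURL) -}}
            "Remediation": {
                "Recommendation": {
                    "Text": "More information on this vulnerability is provided in the hyperlink",
                    "Url": {{ .PrimaryURL | toJson }}
                }
            },
            {{ end -}}
            "ProductFields": { "Product Name": "Trivy" },
            "Resources": [
                {
                    "Type": "Container",
                    "Id": {{ $target | toJson }},
                    "Partition": "aws",
                    "Region": "{{ env "AWS_REGION" }}",
                    "Details": {
                        "Container": { "ImageName": {{ $image | toJson }} },
                        "Other": {
                            "CVE ID": {{ .VulnerabilityID | toJson }},
                            "CVE Title": {{ .Title | toJson }},
                            "PkgName": {{ .PkgName | toJson }},
                            "Installed Package": {{ .InstalledVersion | toJson }},
                            "Patched Package": {{ .FixedVersion | toJson }},
                            "NvdCvssScoreV3": "{{ (index .CVSS (sourceID "nvd")).V3Score }}",
                            "NvdCvssVectorV3": {{ (index .CVSS (sourceID "nvd")).V3Vector | toJson }},
                            "NvdCvssScoreV2": "{{ (index .CVSS (sourceID "nvd")).V2Score }}",
                            "NvdCvssVectorV2": {{ (index .CVSS (sourceID "nvd")).V2Vector | toJson }}
                        }
                    }
                }
            ],
            "RecordState": "ACTIVE"
        }
    {{- end -}}
    {{- /* One finding per detected misconfiguration. Title, Resolution and
           Message come from check metadata, which may be user-supplied. */ -}}
    {{- range .Misconfigurations -}}
    {{- if $t_first -}}{{- $t_first = false -}}{{- else -}},{{- end -}}
    {{- $severity := .Severity -}}
    {{- if eq $severity "UNKNOWN" -}}
        {{- $severity = "INFORMATIONAL" -}}
    {{- end -}}
    {{- $description := .Description -}}
    {{- if gt (len $description ) 512 -}}
        {{- $description = (substr 0 512 $description) | printf "%v .." -}}
    {{- end}}
        {
            "SchemaVersion": "2018-10-08",
            "Id": {{ printf "%s/%s" $target .ID | toJson }},
            "ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}::product/aquasecurity/aquasecurity",
            "GeneratorId": {{ printf "Trivy/%s" .ID | toJson }},
            "AwsAccountId": "{{ env "AWS_ACCOUNT_ID" }}",
            "Types": [ "Software and Configuration Checks" ],
            "CreatedAt": "{{ now | date "2006-01-02T15:04:05.999999999Z07:00" }}",
            "UpdatedAt": "{{ now | date "2006-01-02T15:04:05.999999999Z07:00" }}",
            "Severity": {
                "Label": "{{ $severity }}"
            },
            "Title": {{ printf "Trivy found a misconfiguration in %s: %s" $target (escapeString .Title) | toJson }},
            "Description": {{ escapeString $description | toJson }},
            "Remediation": {
                "Recommendation": {
                    "Text": {{ .Resolution | toJson }},
                    "Url": {{ .PrimaryURL | toJson }}
                }
            },
            "ProductFields": { "Product Name": "Trivy" },
            "Resources": [
                {
                    "Type": "Other",
                    "Id": {{ $target | toJson }},
                    "Partition": "aws",
                    "Region": "{{ env "AWS_REGION" }}",
                    "Details": {
                        "Other": {
                            "Message": {{ escapeString .Message | toJson }},
                            "Filename": {{ $target | toJson }},
                            "StartLine": "{{ .CauseMetadata.StartLine }}",
                            "EndLine": "{{ .CauseMetadata.EndLine }}"
                        }
                    }
                }
            ],
            "RecordState": "ACTIVE"
        }
    {{- end -}}
    {{- /* One finding per detected secret. Only the rule title and the target
           name are exported, never the matched value.
           NOTE(review): "Id" is the bare target, so every secret found in the
           same target shares one Id. If Security Hub keys findings on Id, as
           its import API suggests, these would collapse into a single
           finding. Confirm before relying on per-secret tracking. */ -}}
    {{- range .Secrets -}}
    {{- if $t_first -}}{{- $t_first = false -}}{{- else -}},{{- end -}}
    {{- $severity := .Severity -}}
    {{- if eq $severity "UNKNOWN" -}}
        {{- $severity = "INFORMATIONAL" -}}
    {{- end -}}
        {
            "SchemaVersion": "2018-10-08",
            "Id": {{ $target | toJson }},
            "ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}::product/aquasecurity/aquasecurity",
            "GeneratorId": "Trivy",
            "AwsAccountId": "{{ env "AWS_ACCOUNT_ID" }}",
            "Types": [ "Sensitive Data Identifications" ],
            "CreatedAt": "{{ now | date "2006-01-02T15:04:05.999999999Z07:00" }}",
            "UpdatedAt": "{{ now | date "2006-01-02T15:04:05.999999999Z07:00" }}",
            "Severity": {
                "Label": "{{ $severity }}"
            },
            "Title": {{ printf "Trivy found a secret in %s: %s" $target .Title | toJson }},
            "Description": {{ printf "Trivy found a secret in %s: %s" $target .Title | toJson }},
            "ProductFields": { "Product Name": "Trivy" },
            "Resources": [
                {
                    "Type": "Other",
                    "Id": {{ $target | toJson }},
                    "Partition": "aws",
                    "Region": "{{ env "AWS_REGION" }}",
                    "Details": {
                        "Other": {
                            "Filename": {{ $target | toJson }}
                        }
                    }
                }
            ],
            "RecordState": "ACTIVE"
        }
    {{- end -}}
    {{- end }}
    ]
}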