components/testdata/reports/harbor/harbor.json
{
"application/vnd.security.vulnerability.report; version=1.1": {
"generated_at": "2023-08-26T16:32:21.923910328Z",
"scanner": {
"name": "Trivy",
"vendor": "Aqua Security",
"version": "v0.42.0"
},
"severity": "Critical",
"vulnerabilities": [
{
"id": "CVE-2011-3374",
"package": "apt",
"version": "2.2.4",
"fix_version": "",
"severity": "Low",
"description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.",
"links": [
"https://avd.aquasec.com/nvd/cve-2011-3374"
],
"artifact_digests": [
"sha256:123etc"
],
"preferred_cvss": {
"score_v3": 3.7,
"score_v2": 4.3,
"vector_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"vector_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N"
},
"cwe_ids": [
"CWE-347"
],
"vendor_attributes": {
"CVSS": {
"nvd": {
"V2Score": 4.3,
"V2Vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"V3Score": 3.7,
"V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"
}
}
}
},
{
"id": "CVE-2020-22218",
"package": "libssh2-1",
"version": "1.9.0-2",
"fix_version": "",
"severity": "High",
"description": "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.",
"links": [
"https://avd.aquasec.com/nvd/cve-2020-22218"
],
"artifact_digests": [
"sha256:456etc"
],
"preferred_cvss": {
"score_v3": null,
"score_v2": null,
"vector_v3": "",
"vector_v2": ""
},
"cwe_ids": [
""
],
"vendor_attributes": null
}
]
}
}